Turkish hackers broke into two of the most established international Websites that oversee and regulate the Internet in order to reroute visitors to a rogue domain, the New York Times reported Friday.
Two of the domains under attack include the Internet Corporation for Assigned Names and Numbers (ICANN, icann.org) and the Internet Assigned Numbers Authority (IANA (iana.org) -- two organizations that that have dominion over numerous critical functions regarding Internet regulation.
IANA oversees the international coordination of the domain name system, IP addressing and other Internet protocol resources. ICANN has global authority over the Internet's identifier system, allocating IP address space and managing the Web's domain name system.
The cyber prank was conducted by the Turkish group known as "NetDevilz," according to researchers at Zone-h, a security organization that logs Web exploits and cyber attacks.
Zone-h researchers said that they were able to contact the hackers but that "they refused to tell us how they changed the DNS records," in Thursday blog post. The researchers speculated that the hackers might have exploited a cross-site scripting or cross-site request forgery vulnerability to execute the attack.
Users that attempted to visit iana.com, iana-servers.com, icann.com and icann.net were subsequently redirected to an illegitimate a hosting space at "atspace.com," where visitors were treated to a message that read: "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"
The attack on ICANN follows closely on the heels of Thursday's announcement that the organization intended to loosen stringent regulations regarding the assignment and oversight of top level domains, allowing an unlimited number of Web address suffixes in order to create unique customizations.
The landmark decision, which will go into effect in 2009, would allow almost any word to replace .com or .org in a Web site, opening up almost limitless possibilities for domain names.
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
|
10 Security Predictions For 2012 CRN looks into its crystal ball and sees Android, hactivisim and cyber-espionage as some of the top 10 security threats in 2012. |
|
10 Biggest Security Breaches Of 2011 The Top 10 Security Breaches of 2011 show hackers were relentless in their pursuit of profit, compromising computer systems of universities, video-game makers and the largest banks. |
 More
Slide Shows |
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
- Remote Management and IT Security: Building Profits While Reducing Costs
