[ insider_reports_insider ]
ICANN, IANA, Fall Prey To Hacks
David Utter
Staff Writer
2008-06-27
 Insider Reports RSS Feed
Turkish hackers believed responsible for shenanigans with image site Photobucket.com's domain earlier in June struck at two major domains that hold responsibilities affecting the entire Internet.
 | | ICANN, IANA, Fall Prey To Hacks |  |
One might expect the domains for the Internet Corporation for Assigned Names and Numbers (ICANN) or the Internet Assigned Numbers Authority (IANA) to be a little more resilient in the face of hackers attempting to hijack their domains.
One would be mistaken in that assumption.
Zone-H reported on the embarrassing change in domain records for icann.com, icann.net, iana.com, internetassignednumbersauthority.comm and iana-servers.com. Responsibility for the hack goes to a Turkish group called 'NetDevilz'.
Though Zone-H made contact with the group, the NetDevilz aren't saying how they pulled off their trick. Attempts to access the hacked domains led to a redirection to another domain, with the message, "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"
Speculation falls on ways the domains could have been compromised. Zone-H suggested exploitation of a cross-site scripting flaw may have taken place.
The popularity of code injection as an attack against sites makes it a possibility. Incidents of injecting code into sites that fail to properly sanitize input makes them vulnerable to data loss and other problems.
Webmasters can use HP's Scrawlr to help detect such flaws. Another free way of tracking a page for possible hacks comes via a suggestion on using Google Trends to find out if unsavory terms suddenly appear on one's site.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
RSS
Archive
Contact Us
Advertise
