ICANN hackers sniff around global DNS root zone system
Kieren McCarthy reports:
Domain-name overseer ICANN has been hacked and its root zone administration system compromised, the organization has said.
Attackers sent staff spoofed emails appearing to coming from icann.org. The organization notes it was a “spear phishing” attack, suggesting employees clicked on a link in the messages, and then typed their usernames and passwords into a bogus webpage, providing hackers with the keys to their accounts. No sign of two-factor authentication, then.[…]
The CZDS gives authorized parties access to all the zone files of the world’s generic top-level domains. It is not possible to alter those zone files from within that system, but the hackers did manage to obtain all the information of those who are registered with the system, which include many of the administrators of the world’s registries and registrars.
In an email sent to every CZDS user, ICANN has warned that “the attacker obtained administrative access to all files in the CZDS including copies of the zone files in the system. The information you provided as a CZDS user might have been downloaded by the attacker. This may have included your name, postal address, email address, fax and telephone numbers, and your username and password.”
Read more on The Register.