ICANN HACKED: Intruders poke around global DNS innards

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2014/12/17/icann_hacked_admin_access_to_zone_files/

By Kieren McCarthy
The Register
17 Dec 2014

Domain-name overseer ICANN has been hacked and its DNS zone database 
compromised, the organization has said.

Attackers sent staff spoofed emails appearing to coming from icann.org. 
The organization notes it was a "spear phishing" attack, suggesting 
employees clicked on a link in the messages that took them to a bogus 
login page – into which staff typed their usernames and passwords, 
providing hackers with the keys to their work email accounts. No sign of 
two-factor authentication, then.

"The attack resulted in the compromise of the email credentials of several 
ICANN staff members," ICANN's statement on the matter reads, noting that 
the attack happened in late November and was discovered a week later.

With those details, the hackers then managed to access a number of systems 
within ICANN, including the Centralized Zone Data System (CZDS), the wiki 
pages of the Governmental Advisory Committee (GAC), the domain 
registration Whois portal, and the organization's blog.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/