ICANN and IANA domains hijacked by Turkish crackers

Written by Marcelo "Vympel" Almeida and Kevin Fernandez

Thursday, 26 June 2008

The ICANN and IANA websites were defaced earlier today by a Turkish group called "NetDevilz". ICANN is responsible for the global coordination of the Internet's system of unique identifiers. These include domain names, as well as the addresses used in a variety of Internet protocols.

The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.
Their domains were redirecting to a hosting space at "atspace.com" where the defacers left the following message:

"You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"

Hijacked domains include "icann.com", "icann.net", "iana.com" and "iana-servers.com".

We reached the defacers by email but they refused to tell us how they changed the DNS records, however a cross-site scripting or cross-site request forgery vulnerability might have been exploited.

Here is the mirror of the ICANN.com defacement:

You can have a look at their other defacements here:

Original News:

[Source: xssed]