[dns-operations] zdnet blog: ICANN and IANA's domains hijacked by Turkish hacking group

Florian Weimer fweimer at bfk.de
Wed Jul 2 10:25:45 UTC 2008

* Duane Wessels:

> Seems like these guys could have taken over the (real) official
> names if they'd wanted to.

Actually, they did (with first seen/last seen timestamps):

2008-06-26 14:45:15  2008-06-26 15:23:01  iana-servers.net  NS  ns1.atspace.com
2008-06-26 14:45:15  2008-06-26 15:23:01  iana-servers.net  NS  ns2.atspace.com

This is about as worse as it can get--control of iana-servers.net
indirectly affects iana-servers.org, icann.org, and then int and other
TLDs.  Glue and caching may have prevented an immediate global impact,
but the attackers seems to have focused on web defacements, instead of
attempting to cause real mayhem.

Of course, DNSSEC would not have stopped the ICANN hijacks, but the
impact of such an event would not have reached the int TLD in a DNSSEC

Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

More information about the dns-operations mailing list