[dns-operations] zdnet blog: ICANN and IANA's domains hijacked by Turkish hacking group

[Duane Wessels]

from a private reply...

> Uhm, were any of those domains ever "official?"
>
> They look like they just registered various phishing/typo-like domains in 
> various TLDs.

Right, IANA.COM may not the official site, but I'm sure it was registered
(by IANA even) before today.

One thing I notice is that REGISTER.COM is the registrar for all
these ICANN/IANA names, as well as their other recent "hijack" of
photobucket.com.  The ZDNet article hints that an XSS vulnerability
may have been involved.

Seems like these guys could have taken over the (real) official
names if they'd wanted to.

DW