ICANN Hacked
The Internet Corporation for Assigned Names and Numbers or ICANN have been hacked. ICANN are responsible for allocation IP and domain names. They are responsible for maintaining top level domain systems. The company were hacked by using spear phishing attack. Employees were tricked into giving their credentials to email which was from the organisations own domain.
What is Spear Phishing?
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data.
“We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.”
Hackers were successfully able to access Centralized Zone Data Systems (CZDS), a members-only Wiki page containing public information, the WHOIS portal (used to look up who registered a particular domain), and the organization’s Centralized Zone Data System (CZDS).
“Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems,” ICANN stated
