Full Disclosure: Re: [Full-disclosure] ICANN and IANA's domains hijac ked by Turkish hacking group

Re: [Full-disclosure] ICANN and IANA's domains hijac ked by Turkish hacking group

From: "Arne de Bree" <arne () bukkie nl>
Date: Fri, 27 Jun 2008 15:23:50 +0200

I was looking for that as well, and none of the news posts / blog entries
about this or previous actions of these DNS hijackers seem to reveal how it
was done. Just all different stories about companies shitting out stories so
they aren't blamed for it.

My guess would be a 'hack' of the DNS Admin panel using some kind of XSS /
CSRF. Or maybe an account with a guessable password. Nothing fancy, just a
maintainer not being careful enough.

Gr, A

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-
bounces () lists grok org uk] On Behalf Of Eren Türkay
Sent: vrijdag 27 juni 2008 14:57
To: full-disclosure () lists grok org uk
Cc: Dancho Danchev
Subject: Re: [Full-disclosure]ICANN and IANAs domains hijacked by Turkish
hacking group

On 27 Jun 2008 Fri 01:49:00 Dancho Danchev wrote:

Hello,

Hi

The official domains of ICANN, the Internet Corporation for Assigned
Names and Numbers, and IANA, the Internet Assigned Numbers Authority
were hijacked earlier today, by the NetDevilz Turkish hacking group
which also hijacked Photobucket's domain on the 18th of June.

http://blogs.zdnet.com/security/?p=1356


Then, how did they do it? There is no comment on how it was done and ZDNet
blog says that attackers refused to answer zone-h's questions.

Any suggestions? I think that there is no new way of hijacking domain
names.
There should be something like social engineering and unfortunately, there
is
no patch for human stupidity.

Regards


Regards,
Eren

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

ICANN and IANA’s domains hij acked by Turkish hacking group Dancho Danchev (Jun 27)
- Re: [Full-disclosure] ICANN and IANA’s domains hija cked by Turkish hacking group Eren Türkay (Jun 27)
  - Re: [Full-disclosure] ICANN and IANA's domains hijac ked by Turkish hacking group Arne de Bree (Jun 27)