ICANN hacked through phishing emails

ICANN has been hacked, with the company’s Centralized Zone Data System (CZDS) and ICANN GAC Wiki having been compromised.

The company claims that it was subjected to a "spear phishing" attack through masqueraded emails sent to employees that appeared to be coming from icann.org.

The email asked the employees to log into a fake page which provided hackers with email credentials, reported The Register.

The credentials were later misused to get administrative access to all the files in CZDS, including information entered by users and zone files in the system.

As a precautionary measure, the organisation has deactivated all CZDS passwords of users. Now users will get their new passwords through czds.icann.org.

The members-only index page on ICANN GAC Wiki and one individual user’s profile page was viewed by the attackers, added ICANN.

The domain name overseer also found that the ICANN Blog and ICANN WHOIS, an information portal, was also viewed but the company could not find any impact on the systems.

ICANN said: "Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems."

"We believe these enhancements helped limit the unauthorized access obtained in the attack. Since discovering the attack, we have implemented additional security measures."

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing