lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <9FA23FD3491948EE9C81C0443422959F@xb.local>
Date: Fri, 27 Jun 2008 15:23:50 +0200
From: "Arne de Bree" <arne@...kie.nl>
To: 'Eren Türkay' <turkay.eren@...il.com>,
	<full-disclosure@...ts.grok.org.uk>
Cc: 'Dancho Danchev' <dancho.danchev@...il.com>
Subject: Re: 
	ICANN and IANA's domains hijacked by Turkish hacking group

I was looking for that as well, and none of the news posts / blog entries
about this or previous actions of these DNS hijackers seem to reveal how it
was done. Just all different stories about companies shitting out stories so
they aren't blamed for it.

My guess would be a 'hack' of the DNS Admin panel using some kind of XSS /
CSRF. Or maybe an account with a guessable password. Nothing fancy, just a
maintainer not being careful enough.

Gr, A

> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-
> bounces@...ts.grok.org.uk] On Behalf Of Eren Türkay
> Sent: vrijdag 27 juni 2008 14:57
> To: full-disclosure@...ts.grok.org.uk
> Cc: Dancho Danchev
> Subject: Re: [Full-disclosure]ICANN and IANA’s domains hijacked by Turkish
> hacking group
> 
> On 27 Jun 2008 Fri 01:49:00 Dancho Danchev wrote:
> > Hello,
> 
> Hi
> 
> > The official domains of ICANN, the Internet Corporation for Assigned
> > Names and Numbers, and IANA, the Internet Assigned Numbers Authority
> > were hijacked earlier today, by the NetDevilz Turkish hacking group
> > which also hijacked Photobucket's domain on the 18th of June.
> >
> > http://blogs.zdnet.com/security/?p=1356
> 
> Then, how did they do it? There is no comment on how it was done and ZDNet
> blog says that attackers refused to answer zone-h's questions.
> 
> Any suggestions? I think that there is no new way of hijacking domain
> names.
> There should be something like social engineering and unfortunately, there
> is
> no patch for human stupidity.
> 
> > Regards
> 
> Regards,
> Eren
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ