ICANN Loses Control of Its Own Domain Names

NotNormallyNormal writes "CBC picked up an AP story about ICANN recently losing control over two of their domain names on Thursday, June 26. A domain registrar run by the group transferred the domains to someone else. ICANN's press release had this to say: 'As has been widely reported, a number of domain names, including icann.com and iana.com were recently redirected to different DNS servers, allowing a group to provide visitors to those domains with their own website. It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused.' Comcast has had similar troubles lately as well."

Social Engineering to Take Over Entire TLDs

[Ron+Bennett]

When I first read this news several days ago, I thought it was referring to the root servers ...

What most don't know is that the TLDs (ie. com, .net, etc) themselves are registered in much the same manner as 2nd level domains are ... see the TLD Whois: http://whois.iana.org/

The major TLDs (.com, .net, etc) are relatively safe, since any changes would likely be difficult to get through - with any changes quickly noticed ... as in within minutes, or even seconds; likely wouldn't even be that effective, since the most popular TLDs zone dns entries are heavily cached.

However, ccTLDs are a different story completely, since ccTLD zone name server changes are more common and thus such change requests would be far less scrutinized.

I've never heard of any TLD being hijacked, but could likely be easily done, since the social engineering involved would be very similar. A frightening prospect.

Ron