ICANN Falls Victim to DNS Redirection Attack

ICANN admitted that it recently fell victim to targeted DNS redirection attacks. The attackers were then able to send users to their own Web sites when in reality those users should have landed on ICANN-operated sites.

A spokesperson for ICANN said that "a number of domain names, including icann.com and iana.com were recently redirected to different DNS servers, allowing a group to provide visitors to those domains with their own website. The domains in question are used only as mirrors for ICANN and IANA's main websites. The organizations' actual websites at icann.org and iana.org were unaffected."

ICANN was careful to make it clear that the attacks were not a result of oversights on its own part, but instead were the result of security problems at their own domain registrar, who is responsible for certain DNS records for ICANN domains. According to WhoIS data, ICANN's registrar is Register.com.

The spokesperson also said that some days later they fell victim to another attack when someone managed to exploit a weakness in the Wordpress blogging software used by ICANN. It also said that it has "started an internal review of its existing security procedures" and that "full reports on both incidents have been provided to law enforcement agencies."