NordVPN Promotion

Home / Blogs

.Name Registry Hacked

On Saturday, November 29, 2003 a post on the GNSO mailing list indicated that the .name registry website had been hacked. As reported by George Kirikos, “The .name registry’s main website www.nic.name has been hacked, as of Saturday evening in North America. According to Netcraft, they’re running Linux. They must not have kept up to date with all security updates, or someone cracked a password. Hopefully offsite backups were made, to ensure data integrity.”

Although, due to this emergency, the .name web servers have been pulled down as of this writing, just a short few hours ago, visitors to the .name registry home page would find a mysterious black screen upon visiting the site, including the following text:

“Owned by SUr00tIK & GroMx

No files was deleted
Original site available HERE

Last login from: surootik_gromx.polish.underground.pl [2003-11-29]”

The bottom of the black screen also included a rotating image displaying the following text in sequece:

“It’s good.
www.slackware.com
Open Source is Good.
Free is Good.
Slackware Linux.”

In response to this event, Hakon Haugnes, president of Global Name Registry said:

“To those having noticed our website incident:

We did an update to Apache and PHP last week and someone managed to exploit a hole in one of these and replace the index file on the webserver.

No other data than the index.php were replaced, and no other data could be accessed as the webserver is physically and geographically separated from our Registry Systems.

We have taken our webservers down during the weekend to further reinforce our website against similar incidents in the future.

Thank you for your vigilence and to all who notified us about this unfortunate incident.”

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

NordVPN Promotion