The Latest in IT Security

Ascio Registrar Compromised – Brings Down, Theregister and Others


If you tried to visit today the sites for,, Vodafone, The Daily Telegraph and some other high profile sites, you would have received a scary message saying that they’ve been hacked (by turkguvenligi):

And they were indeed hacked, but not in the way most people think. Their servers were not compromised, in fact it had nothing to do with their sites., a domain registrar (used by all of them) was hacked, which lead to the DNS servers of those sites to be modified to: name server name server name server name server name server name server name server name server

Having control of their DNS, the attackers redirected their web pages to where it had that “hacked” message. And as you can see in their whois information, the records were modified today (at around 1am):

Ascio Technologies Inc t/a Ascio Technologies inc [Tag = ASCIO]

Record created: 2010-10-04 17:54:28
Record last updated: 2011-09-04 22:24:04
Record expires: 2019-05-17 01:00:00

You know what is scarier? Is that with full DNS control, they would be able to redirect and read any email sent to them, mess with their internal communications, and even steal passwords if SSL/encryption is not used. However, it seems the attackers didn’t do any of the above, since the MX and other records seemed in tact.

You know what is interesting? If they were using our web integrity monitoring, they would have received the alert much sooner that the Whois was modified and later that NS and other IP addresses were changed. Early detection is the key in most cases.

Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments