Recent Posts
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
- $2 million Christmas bonus for ICANN
- Another VW car dot-brand crashes out
- Largest back-end switch EVER as GoDaddy loses deal
- Yeah, we got phished, ICANN admits after crypto hack
- ICANN hacked to promote crypto scam
- Super Bowl a bit of a dud for .com?
- More gloom predicted for .com
- These are the .gov domains Trump has deleted so far
- Did Trump just create the world’s next ccTLD?
- $3,000 to do a Whois lookup?
- PIR to join GlobalBlock, but its crown jewel won’t
- LA wildfire victims get domain deletes delay
- .free domains to finally arrive as Amazon reveals three gTLD launches
- Six more gTLDs shown the door, five may be auctioned
- Registrar terminated after ignoring Whois transition
- $10 million ICANN giveaway winners picked
- Whois officially died today
- Typo left MasterCard open to hackers for years
- Could ICANN approve an R-word gTLD?
- These are the TLD growers and shrinkers of 2024 (part two)
- GoDaddy ordered to stop lying about crappy security
- These are the TLD growers and shrinkers of 2024 (part one)
- Dead terrorist domains for sale, just without the hyphens
- ICANN eyes more price hikes as it predicts dismal year for industry
- Meet the six people battling to join ICANN’s board
- New gTLD use cases not much use
- Defensive dot-brands are renewing, making ICANN millions
- Identity Digital offers free domain trials through LinkedIn
- Antisemitic remarks cost registrar dearly
- ICANN lawyers want to keep their clients secret
- Facebook cybersquatter asks ICANN to overturn UDRP ruling
- .xxx founder Stuart Lawley has died
- The new gTLD Next Round is really happening as two ICANN programs go live
- Verisign has much to be thankful for as .com contract renewed
- Another 40,000 .ai domains registered
- RDRS usage hits new low
- A dot-brand that was actually used is shutting down
- .id joins the million-domain club
- GoDaddy’s .xxx contract renewed
- Twitter clone Bluesky has one feature domain people should like
- ICANN confirms two bans on new gTLD gaming
- eBay slogan domain no longer has a BIN price
- Will Donald Trump be .io’s white knight?
- As customers flee legacy gTLDs, .org tops 11 million names
- Company accidentally puts porn domain on kids’ toys
- eBay’s new slogan looks like a $75,000 domain it doesn’t own
- Americans are deserting .com
- Weak Q3 for the domain universe, Verisign reports
- ICANN says it WILL raise its domain taxes soon
- Senator says domain industry “enables” Russian disinfo attacks
- bit.ليبيا? Libya to get its Arabic ccTLD
- Verisign gets eight more years running the root
- Two-horse race for open ICANN board seat
- Chinese say internet not ready for single-letter gTLDs
- Unloved INTA slams ICANN over new gTLDs
- Namecheap scores win in .org price-cap lawsuit
- Some Guy wants to take over .com and .net
- Second-shot gTLD bid rules revealed
- Nominet names directors after tight election
- Lawyer ban coming to ICANN
- Identity Digital to take over .ai
- ICA teams up with WIPO on UDRP reform
- Response to sex harassment lawsuit “inadequate”, say ICANN vets
- Unstoppable tops four million names
- Amazon readying fashion and book gTLDs
- Five times ICANN deleted a ccTLD, and what it means for .io
- Future of .io domains uncertain as UK hands over Chagos islands
- .ai now has over half a million names
- UK and Israel cut ICANN funding
- Twitter now up-to-date on linkification
- Moment of truth as .music domains finally go on sale
- ICANN fixes embarrassing “What is a Domain Name?” mistake
- Another ccTLD opens up its second level
- Reporter gains first access to .io island for decades
- .io sells $40 million of domains after massive uptick
- After five years, “useless” TLD has two web sites
- Verisign agrees to .com takedown rules
- New .com contract could see ALL domain prices go up
- Investing in .ad domains may be risky
- Plurals ban policy handed to ICANN board
- Three .now domains sell at premium EAP prices
- ICANN confirms new gTLD application fee
- New gTLD application fee rises by thousands after collision call
- Former .co registry defeated in $350 million contract fix case
- Is this the first Next Round new gTLD contention battle?
- ICANN names its Supreme Court judges
- Who uses Sunrise nowadays? You might be surprised
- ICANN gunning for Tencent over abuse claims
- All the one-character .sk domains to be auctioned
- Straggler gTLD signs first ICANN contract for years
- GoDaddy likely to win relaxed .xxx deal
- Tonkin promoted to CEO at auDA
- ICANN hires new Ombuds from WIPO
- Big twist as ICANN bans new gTLD auctions
- ICANN to “strengthen” harassment rules as it picks another homophobic meeting host
- .my global relaunch starts slowly despite cheapo prices
- Hackers break .mobi after Whois domain expires
- The new gTLD next, next and next round
- Squarespace gets sweetened $7.2 billion takeover offer
- ICANN hit by DDoS attack
- Russia calls for ICANN to split from US
Yeah, we got phished, ICANN admits after crypto hack
ICANN has confirmed that a phishing attack was responsible for the hacking of its Twitter account last night.
The Org placed this statement, which suggested that the attack may have been more sophisticated than you might have thought, on its home page earlier this evening:
On 11 February 2025, ICANN became aware of a successful phishing attack on our ICANN X [Twitter] account. We are investigating the root cause of the issue and working to resolve it as soon as possible. ICANN uses multi-factor authentication on all social media platforms and has confirmed that none of our other accounts have been impacted.
The hack saw ICANN’s Twitter account tweet several messages promoting a newly created memecoin cryptocurrency called $DNS, presumably to scam would-be investors out of money.
The compromise, which seemed to be timed to close of business in ICANN’s home in California, did not last long and the tweets were swiftly deleted.
Now ICANN seems to have confirmed that one of its staffers was phished to obtain @ICANN’s login credentials, but the fact that the account was protected by multi-factor authentication creates an additional wrinkle.
Twitter offers three MFA methods — codes delivered via SMS, a mobile authenticator app, or a hardware token.
In each case, logging in requires the user to have a physical device in their hand to create the secondary login credential. The victim would have had to provide this time-limited one-time password to the attacker too.
I hope the staffer who got suckered, presumably a member of the comms team, isn’t getting too much of a bollocking today, as these kinds of attacks are increasingly sophisticated and managing online life increasingly complex.
Just a day earlier, the well-known BBC political journalist Nick Robinson, who presents the popular Today show on Radio 4, got phished in what one assumes was a very similar way and for an identical purpose.
This BBC article goes into some detail about the attack on Robinson, including screenshots of the phishing email he fell for, and goes a way to explain how even somebody trained to avoid this kind of stuff can have a moment of vulnerability.
While few of Robinson’s one million Twitter followers could have seriously believed that Today had launched a memecoin, it’s more plausible that somebody familiar with crypto and somewhat aware of ICANN could have believed that ICANN would. The two areas of tech increasingly intersect nowadays.
When the attack proved successful, the bad guy must have thought all of her Christmases had come at once.
ICANN says it is going to post more information to its cybersecurity incident log as its investigation progresses.
If it turns out the phish was successful because somebody didn’t check the domain name of the link they were clicking on, it could be fascinating reading.
If you find this post or this blog useful or interestjng, please support Domain Incite, the independent source of news, analysis and opinion for the domain name industry and ICANN community.
Even ICANN isn’t safe! This crypto hack proves that no one is immune to phishing attacks. A wake-up call for the entire industry!
Why do you say “even ICANN” ? ICANN information security track record is of an under-performer, so this one shouldn’t come as a surprise.