Reseller Figures in Domain Hijacking via Melbourne IT (Again)
August 28th, 2013 By: Rich Miller
“Lapse at Melbourne IT Enables Domain Hijacking.” Does this headline sound familiar to anybody? The Australian domain registrar is acknowledging that a third party was able to alter the domain records for nytimes.com and redirect its web site, forcing one of the world’s leading media organizations to resort to numerical IP addresses to share its work.
Melbourne IT told CNET that “the credentials of a Melbourne IT reseller (username and password) were used to access a reseller account on Melbourne IT’s systems.”
Folks with long memories will remember that Melbourne IT figured in a very similar scenario in the 2005 hijacking of the domain for a New York ISP, disabling email and Internet access for thousands of customers. In January 2005, hackers were able to take control of the domain name for Panix.com. The problem was traced to Melbourne IT, which said the transfer was initiated through the account of a Melbourne IT reseller that was not properly vetted.
At the time, ICANN promised a review of the incident, saying it was “very concerned” that Melbourne IT relied upon a reseller to confirm the transfer request, and will “review the appropriateness of these arrangements.”