ICANN Wiki hacked by crypto bots

25.04.2019

ICANN Wiki has been hacked recently by unknown crypto-currency miners. ICANN Wiki is an independent information project, but its activities are closely connected with the organization. In particular, many working groups actively use ICANN Wiki to coordinate their actions when making their decisions.

Quite a curious incident was behind the hacking. ICANN Wiki uses Confluence software. On March 20 its developer, Atlassian Systems, issued a warning that two critical vulnerabilities had been found in the Confluence software and users had to update it immediately. However, it turned out that ICANN was not subscribed to Atlassian Systems’ updates, and ICANN was not on its mailing list, so it wasn’t notified, according to Domain Incite.

Criminals rushed to take advantage of the opportunity. They used one of these vulnerabilities to install a miner to create new cryptocurrency coins. They were only discovered after ICANN IT services began to receive complaints about the website working very slowly, and had to take down their website for several hours to patch it. Now ICANN Wiki works as usual.