Melbourne IT admits hack, says 'twas but a flesh wound

Report says Oz outfit hacked to harm Twitter's DNS


Australian domain registrar Melbourne IT admits “an unauthorised third party” has attacked the company, but says the incident was minor.

Domain name registrars have been copping it of late, with name.com yesterday forced to reset its customers' passwords after an attack and Linode taking the same precaution in mid-April.

Online naughtiness perpetration outfit Hack the Planet is thought to have had a hand in name.com's woes and has claimed responsibility for the latter, and for the attack on Melbourne IT. The page on which it does so is now available only through cache trickery here, but says “Xinnet, MelbourneIT, and Moniker” have all been breached. The page also says a dump of registrar information has been released, but the URL at which the file is supposed to live is gone, as is any cached trace.

Domain Name News reports that Hack the Planet targeted Melbourne IT because it does domain business for Twitter.

Melbourne IT offered The Reg the following statement about the incident:

“Melbourne IT is aware of an incident where an unauthorised third party attempted to access Melbourne IT servers. The attacker managed to gain limited access to a low-level server which hosts content for one of Melbourne IT’s non-retail websites but hosts no customer data nor sensitive company data. Our investigations have found no evidence of any data loss and no evidence of unauthorised access to any other Melbourne IT system.”

®

Similar topics


Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • What keeps Mandiant Intelligence EVP Sandra Joyce up at night? The coming storm
    The next wave of security maturity is measuring effectiveness, she told The Register

    RSA Conference When Sandra Joyce, EVP of Mandiant Intelligence, describes the current threat landscape, it sounds like the perfect storm. 

    The threat intelligence firm, which is being acquired by Google Cloud, made its annual cybersecurity predictions for the year ahead. And this year, they all materialized at once.

    "We predicted supply-chain attacks four years ago," Joyce said, in an interview with The Register at the RSA Conference. "We predicted deployment of wipers during wartime. And now we're watching all of these things happen at the same time, and in amounts that are greater than ever and at frequencies of scale that are more than ever."

    Continue reading
  • World Economic Forum wants a global map of online crime
    Will cyber crimes shrug off Atlas Initiative? Objectively, yes

    RSA Conference An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.

    The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.  

    This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers. 

    Continue reading

Biting the hand that feeds IT © 1998–2022