Domain registry site gets hacked

The Global Name Registry confirms that its .name Web site was hacked over the weekend and blames the attack on the company's move to relaunch its services.

Matt Hines Staff Writer, CNET News.com
Matt Hines
covers business software, with a particular focus on enterprise applications.
Matt Hines
2 min read
The Global Name Registry confirmed that its .name Web site was hacked over the weekend, blaming the attack on the company's move to relaunch its services.

GNR representatives said the site, which administers registration of .name Web domains, was attacked sometime Saturday afternoon and remained corrupted until the problem was fixed Sunday morning. Company President Hakon Haugnes said the hackers exploited a hole in one of the software packages used to maintain the site but indicated that the situation did not cause major damage to its overall operations. He did not comment on what type of software the hole was present in, and he said the site had not been subject to previous attacks.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

"Obviously, this sort of thing causes some level of embarrassment, but it appeared to be very isolated," Haugnes said. "You try to keep up with all the software patches out there, but sometimes things like this still happen."

Haugnes said the hackers, identified only by the screen names "SUr00tIK" and "GroMx," posted a page similar in appearance to the actual .name site and featured a broken link to the real GNR page. He said the hack did not affect GNR's other Web pages or internal servers and that the hole used to deface the site has been closed.

GNR believes the .name registry site, which operates generic top-level domains, was targeted due to its recently announced plans to begin marketing second-level .name domain registrations. The company will make hundreds of thousands of new .name domains available Jan. 14 and has already seen its site traffic increase, Haugnes said.

When .name relaunches, many valuable names currently taken on .com, .net and other top-level domains will become available to the public. The company said that when the .info domain set launched in 2001, huge numbers of companies rushed in to protect their trademarks from being taken by other parties. GNR is offering so-called defensive registrations that give companies or individuals the ability to protect their names before they launch.

GNR said VeriSign, which operates the .com and .net top-level domains, is powering the technical operations of .name and will provide the infrastructure for its relaunch.