A “spearfishing” attack aimed at US-based nonprofit Internet Corporation for Assigned Names and Numbers (Icann) hooked staff members with emails crafted to appear as though they were sent from peers using “icann.org” addresses, according to a blog post.
The attack resulted in the compromise of the email credentials of several Icann staff members.
Typically, spearfishing attacks dupe people into clicking on links to what appeared to be legitimate email log-in pages but aren’t or open attached files booby-trapped with viruses.
The ruse won hackers Icann email user names and passwords, giving the intruders control of accounts and keys to reaching deeper, according to the blog post.
User names and passwords were used this month to access a Centralized Zone Data System, where hackers could get hold of files…
View original post 74 more words