12 NIC of CoCCA Council of Country Code Administrators Registrar Hacked by 1337

nic hacked by 1337

CoCCA - Council of Country Code Administrators Registrar Service has been hacked by pro hacker 1337 . All NIC domain registrar website under CoCCA are been also hacked. This is the biggest ever cyber attack on Domain Registrars.

Last month, The 1337 hacker released the exploit for vBulletin 4.1.x and 5.x.x on madleets. The major forums hacked by 1337 hacker using the exploit were DirectAdminSuseSiasat PkHostDime,ProPakistani and HostMonster.

This is not the first time domain registrar has been hacked by 1337 hacker, before The Bhutan Nic (NIC.bt), Togo NIC (Nic.tg), NIC of Israel(.il), Pakistan NIC (.pk), NIC of Serbia (.rs), Nic of Uganda(.ug), NIC of Cape Verde(.cv), NIC of Burundi(.bi) were hacked by 1337.

List of Hacked NIC’s:

  • http://nic.ki/ (.ki is the Internet country code top-level domain (ccTLD) for Kiribati)
  • http://nic.sb/ (.sb is the Internet country code top-level domain (ccTLD) for Solomon Islands)
  • http://nic.cx/ (.cx is the country code top-level domain (TLD) for Christmas Island)
  • http://nic.nf/ (.nf is the Internet country code top-level domain (ccTLD) for Norfolk Island)
  • http://nic.gs/ (.gs is the Internet country code top-level domain (ccTLD) for South Georgia and the South Sandwich Islands)
  • http://nic.tl/ (.tl is the current country code top-level domain (ccTLD) for East Timor (Timor-Leste))
  • http://nic.net.nf/ (.nf is the Internet country code top-level domain (ccTLD) for Norfolk Island)
  • http://coccaregistry.com/
  • http://coccaregistry.net/
  • http://wwww.coccaregistry.org/
  • http://cocca.cx/
  • http://cocca.org.nz/

See Also: Google Kenya & Google Burundi Hacked By 1337

Mirrors of the hacked Sites:

  • http://zone-h.org/mirror/id/20907445
  • http://zone-h.org/mirror/id/20907446
  • http://zone-h.org/mirror/id/20907447
  • http://zone-h.org/mirror/id/20907448
  • http://zone-h.org/mirror/id/20907449
  • http://zone-h.org/mirror/id/20907450
  • http://zone-h.org/mirror/id/20907451
  • http://zone-h.org/mirror/id/20907452
  • http://zone-h.org/mirror/id/20907453
  • http://zone-h.org/mirror/id/20907454
  • http://zone-h.org/mirror/id/20907456
  • http://zone-h.org/mirror/id/20907455

It seems that hacker exploited a zero day flaw which helped the hacker to get into NIC servers. It is not clear what level of damage done by the hacker to the NIC because the hacker just defaced the NIC main websites that defacing all the site belonging to ccTLD.

email