UPDATED 22:33 EDT / JULY 10 2017

INFRA

In epic security fail, researcher manages to take control of .io domain nameservers

A security researcher has managed to take control of the .io top-level domain name registry thanks to an epic security fail by the company that runs that domain.

Researcher Matthew Bryant discovered that a number of the .io nameserver domains were available to register, and he did just that: he registered them successfully, leaving him potentially in control of hundreds of thousands of websites.

According to The Register, Bryant managed to obtain control of a0.nic.io, b0.nic.io, c0.nic.io, ns-a1.io, ns-a2.io, ns-a3.io, and ns-a4.io, all core nameservers for the .io top-level domain, or TLD for short. A nameserver is a server on the Internet that answers DNS queries about a domain name, telling clients where that domain's records (such as its IP addresses) are found.

In the event a third party were to obtain control of the nameservers for a given TLD, they could redirect traffic destined for any domain under that TLD wherever they wanted. For example, a hacker could redirect traffic to a malicious website.
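The root cause described here is a dangling delegation: a zone's NS records point at hostnames whose parent domain nobody holds, so anyone who registers that domain inherits the delegation. The following check, an added example that is not part of the original article or of Bryant's own tooling, audits a list of NS hostnames against a registration oracle and reports the ones whose parent domain is unregistered. The nameserver hostnames are those named in the article; the set of "registered" domains and the two-label rule for the registrable domain are constructed assumptions for illustration (a production check would use the Public Suffix List and a live WHOIS/RDAP lookup).

```python
"""Detect dangling nameserver delegations: NS hostnames whose parent
domain is not registered and could therefore be registered by anyone."""

from typing import Callable, Dict, List

# Sample input: the .io nameserver hostnames named in the article.
IO_TLD_NAMESERVERS = [
    "a0.nic.io.", "b0.nic.io.", "c0.nic.io.",
    "ns-a1.io.", "ns-a2.io.", "ns-a3.io.", "ns-a4.io.",
]

# Constructed stand-in for a WHOIS/RDAP lookup: which registrable domains
# exist. Illustrative only; it is not a statement about the real state
# of the .io registry in 2017.
REGISTERED_DOMAINS_SAMPLE = {"nic.io"}


def registrable_domain(hostname: str) -> str:
    """Return the registrable (parent) domain of a nameserver hostname.

    Assumption: the registrable domain is the last two labels. A real
    implementation must consult the Public Suffix List, since names such
    as 'example.co.uk' are registered three labels deep.
    """
    labels = hostname.rstrip(".").lower().split(".")
    if len(labels) < 2 or not all(labels):
        raise ValueError(f"not a fully-qualified hostname: {hostname!r}")
    return ".".join(labels[-2:])


def find_dangling_nameservers(
    nameservers: List[str],
    is_registered: Callable[[str], bool],
) -> Dict[str, List[str]]:
    """Group nameservers by parent domain and keep only the groups whose
    parent domain is not registered. Returns {parent_domain: [hostnames]}.
    """
    dangling: Dict[str, List[str]] = {}
    for ns in nameservers:
        parent = registrable_domain(ns)
        if not is_registered(parent):
            dangling.setdefault(parent, []).append(ns.rstrip(".").lower())
    return dangling


def audit_delegation(nameservers: List[str], registered: set) -> Dict[str, List[str]]:
    """Convenience wrapper: use a plain set as the registration oracle."""
    return find_dangling_nameservers(nameservers, lambda d: d in registered)


if __name__ == "__main__":
    report = audit_delegation(IO_TLD_NAMESERVERS, REGISTERED_DOMAINS_SAMPLE)
    if not report:
        print("no dangling nameserver delegations found")
    for parent, hosts in sorted(report.items()):
        print(f"UNREGISTERED parent domain {parent}: {', '.join(hosts)}")
```

With the constructed oracle, the four ns-aN.io hosts are flagged because their parent domains are the hostnames themselves and none of them is in the registered set, while the a0/b0/c0.nic.io hosts pass because nic.io is registered. Running the same check periodically against a zone's own NS set (and against the NS sets of any zones it delegates to) catches a delegation that goes dangling when a domain is allowed to expire.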

Fortunately, it turns out that Bryant is a good guy and didn’t take advantage of his access and instead attempted to contact NIC.IO, the domain registration company responsible for the .io TLD. While .io is in fairly common usage, the TLD belongs to the British Indian Ocean Territory. The territory consists of more than 1,000 individual islands in the middle of the Indian Ocean, the most notable being Diego Garcia, the home of the United States’ main Indian Ocean military base.

“I … wrote up a summary of the issue and emailed both contacts [at NIC.IO] about the problem and conveyed the urgency of the fix … After sending the email I immediately received a bounce message indicating that the administrator@nic.io was not an email address that existed at all,” Bryant wrote on his blog.

Determined to do the right thing, Bryant then called NIC.IO’s support phone number. After a further email, the issue appeared to have been fixed: the nameserver registrations he had made were revoked, though without any formal response from NIC.IO itself.

The case highlights risks involved in registering and dealing with small and obscure TLD registries following the decision by ICANN in 2015 to allow the creation of hundreds of TLD names. A traditional .com registry can be trusted, but obscure, small companies running lesser-used TLDs present a potential risk to any individuals or companies relying on them for their presence online.

Photo: phobia/Flickr
