.RoTLD Confirms DNS Admin Servers Hack

The administrator of Romania’s top level domain has confirmed a successful attack against its domain server administration infrastructure took place on the night of November 27/28. Forensic analysis is ongoing and results will be published at a later date.

The hack (which we have covered here before) saw domains from companies such as Google, Yahoo and Kaspersky redirected to a defacement page hosted on a (possibly compromised) server in the Netherlands.

The attackhad  managed to poison DNS cache servers of all Romanian internet service providers, as well as some of the international public DNS servers, including the Google DNS ( and as they cache the DNS resolution sent by RoTLD to speed up the resolution process when other similar requests are made and RoTLD servers are, of course, authoritative for .ro domains.

About the author



Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. When Bitdefender isn't paying him to bring complex subjects to wide audiences, he enjoys writing fiction, skiing and biking. Razvan Stoica started off writing for a science monthly and was the chief editor of a science fiction magazine for a short while before moving on to the University of Medicine in Bucharest where he lectured on the English language. Recruited by Bitdefender in 2004 to add zest to the company's online presence, he has fulfilled a bevy of roles within the company since. In his current position, he is primarily responsible for the communications and community-building efforts of the Bitdefender research and technology development arm.

1 Comment

Click here to post a comment