I hope no one purchased $DNS.
You can be excused for doing a double take yesterday if you follow The Internet Corporation for Assigned Names and Numbers (ICANN) on X.
The company’s account was briefly compromised last night to promote a crypto scam.
ICANN has confirmed that it was the victim of a phishing attack. It says it uses multi-factor authentication on all social accounts and has confirmed that no other accounts have been compromised.
As captured by John Berryhill, the perpetrators posted information suggesting that ICANN was behind a new crypto project. One post read:
@icann is redefining digital ownership with $DNS – The first memecoin to merge domain governance and Web3 culture on @solana.
ICYMI
— John Berryhill (@berryhillj.bsky.social) February 11, 2025 at 6:22 PM
The post promised an X Spaces event to discuss it.
The post linked to a .org domain that was subsequently deleted. The domain has been re-registered but does not resolve.
It appears that ICANN was quickly able to recover the account.
ICANN has not yet posted anything on X explaining what happened and did not immediately respond to a request for comment from Domain Name Wire. ICANN has confirmed it was the victim of a phishing attack and will provide more details later.
Being hacked happens.
But ICANN simply deleted the Xits and did not issue ANY followup note to the effect that the previously-posted Xits were not genuine. Apparently, one is supposed to simply infer they were unauthorized, leaving everyone to guess.
This is a problem when the reflexively-defensive corporate ego cannot own up to having had a vulnerability, and thus fails to act to appropriately address the event.
My guess is they *do* own up to it, but only after a thorough investigation. Which is not what the overly-cautious organization should do. It should post that it happened (exactly as you said) and say it is investigating it, and then issue a post mortem later.
People were being “sold” something on what appeared to be a recommendation from ICANN. Those coins are still out there for sale.
The responsible thing would be to immediately state it was unauthorized and that an investigation is ongoing.
But ICANN’s legal advisor paralysis results in irresponsible inaction. Because they are more concerned about hypothetical liabilities for admitting that something unfortunate happened than by actually mitigating the potential harm.
It is shameful, but typical, of the cowardly mentality that prevails in over-lawyered organizations.
ICANN has now posted that it was a phishing attack. It says it will state more once it completes its investigation.