Update 4 on Domain Registration System Issue of 6th February
The LK Domain Registry maintains the country code top-level domains .LK, .ලංකා and .இலங்கை. In addition to the servers which run the Domain Name System (DNS), the Registry maintains a registration system through which customers may register new domains, renew domains, change details of their domains, etc.
In the early morning of Sat 6th February, we received an alert of unauthorised changes to some domain names in .lk. This was immediately investigated by our team, who determined that around 10 domain names had been modified to point to a new IP address. Access to the LK domain registration systems was restricted to prevent further damage. Once the changes were identified, our team immediately reverted the changes to their previous settings. This was completed within 90 minutes.
This issue was immediately reported to our security partner, TechCERT, who started investigations together with the LK technical and operations teams. It was identified that the changes were made remotely by accessing the Domain Registration system. TechCERT was able to identify that the incident was carried out by:
- compromising the credentials of one system user account, and
- bypassing the restrictions which normally prevent the admin interface from being accessed from the Internet.
There is no evidence of any other unauthorised access to our systems. We have also not found any evidence of changes to any .LK websites, or of any information being stolen from any other .LK websites. We have not found any substantial evidence that any malware had been distributed via the website pointed to by the attackers. However, investigations are ongoing.
When you first log in to the system after it is back online, we recommend you reset your password by visiting My Profile > Change Password.
We are continuing our investigations, and will issue further updates as needed. We thank you for your patience and support during this incident, and assure you of our continued commitment to provide reliable domain registry services.
LK Domain Registry