Administrator Account for Middle East Internet Registry Hacked

  /     /     /  
Publicated : 23/11/2024   Category : security


Administrator Account for Middle East Internet Registry Hacked


The compromise reportedly led to corruption in the routing of a Spanish telecom providers network.



The Regional Internet Registry for Europe, the Middle East, and Central Asia is investigating the compromise of an administrator account that has disrupted network traffic.
In a
statement
, the registry, known as RIPE, said it is investigating the compromise of a RIPE Network Coordination Center Access account that temporarily affected some services for that account.
Our Information Security team is continuing to investigate whether any other accounts have been affected. Account holders who might be affected will be contacted directly by us, the registry said in its statement.
RIPE is the regional database that contains all IP addresses and their owners for every country in the
Middle East
, as well as Europe and Asia.
Internet traffic in the
United Arab Emirates
and
other Middle East nations
showed a dip in network traffic overnight and at the start of today.
This week, a threat actor going by the moniker Ms_Snow_OwO
announced on X
that they had gained access to a RIPE administrator account belonging to telecommunications provider Orange Spain. The attacker also posted the email address they were able to compromise. It was unclear if any other accounts had been hacked.
Orange Spain
later announced
it had suffered improper access that affected some customers, but that service was practically restored.
Security researchers from Hudson Rock
reported that
the Orange Spain employee was infected by the
Raccoon
infostealer malware in September 2023, and their account had access credentials for https://access.ripe.net. The attacker abused the Border Gateway Protocol (BGP) routing configuration for Orange, the researchers noted.
The attacker publicly
disclosed
the password, claiming that the account did not have two-factor authentication enabled. Ironically, the Regional Internet Registry statement in the wake of the attack recommended that account holders enable multifactor authentication.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Administrator Account for Middle East Internet Registry Hacked