Hacker News new | past | comments | ask | show | jobs | submit login

I've read through this article several times, and I am failing to see how this could possibly be used to form an attack.

Sure - taking the provider down is bad - but that happens due to unscheduled downtime every other day?




From the article:

>> Speaking with Vince (the administrator of the .ai zone) over WhatsApp, we confirmed that compromising this server would give us full control over any .ai domain:

>> Once administrative access is gained to the CoCCA application, it is possible to control the nameservers for every domain for that ccTLD.

The point is to control domains in a ccTLD. Arbitrary domain hijacking is bad...


The screenshot of the WhatsApp conversation says they'd need admin on the web application. I agree it wasn't clear if they'd gotten that.

Looks like it was via the backup files:

https://news.ycombinator.com/item?id=36305699




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: