Michele,

thanks for digging even deeper into the precedents! The "dangling DNS" issue is not new, indeed, and there are enough of them for this new long-lasting campaign to be active these days.

Again to distill what possibly is of concern to LACRALO:

member organizations should contact their tech teams and make sure your domain names are well managed;
member organizations should make their members, and organizations and the public in their environment, aware of the issue and make sure all others enact proper remediation;
member organizations could include awareness and prevention of this type of attack in their outreach.

None of this is an ICANN issue though.

Alejandro Pisanty

De: lac-discuss-en <lac-discuss-en-bounces@atlarge-lists.icann.org> en nombre de Michele Neylon - Blacknight via lac-discuss-en <lac-discuss-en@atlarge-lists.icann.org>
Enviado: martes, 27 de febrero de 2024 08:56 a. m.
Para: Carlton Samuels; CPWG
CC: LAC-Discuss-en
Asunto: Re: [lac-discuss-en] [CPWG] Hijacked subdomains of major brands used for spamming

Carlton

This issue was flagged a long time ago by multiple organisations, including Nominet:

https://nominetcyber.com/dangling-dns-is-no-laughing-matter/

Dangling DNS is no laughing matter - Nominet Cyber

nominetcyber.com

The word ‘dangling’ always seems a bit comical to me. However, apply it to the world of the Domain Name System (DNS) and it becomes no laughing matter – but what does it mean? To understand what it is and the issues around dangling DNS, it’s important to first understand the basics of DNS. The...

The problem with large zones is that it becomes increasingly complex for companies and their staff to manage them and avoid these kind of issues.

It’s an interesting problem, but it’s not an easy one to fix.

Regards

Michele

Mr Michele Neylon

Blacknight Solutions

Hosting, Colocation & Domains

https://www.blacknight.com/

Irish & European Website, Cloud, Email & Rackspace Hosting, Domain Registration, Dedicated Servers Ireland

www.blacknight.com

European Web hosting based in Ireland from Blacknight. Professional Linux and Windows website hosting packages with a simple, easy-to-use control panel. Widest range of domain names at the best prices. Microsoft Exchange server hosting, vps hosting and much much more.

https://blacknight.blog/

Intl. +353 (0) 59 9183072

Direct Dial: +353 (0)59 9183090

Personal blog: https://michele.blog/

Michele Neylon :: Pensieri - Technology, Marketing, Domains, Thoughts

michele.blog

Thoughts on technology, running an internet business, blogging, online marketing and gadgets.

Some thoughts: https://ceo.hosting/

Hosting Thoughts & Reflections - Sharing thoughts & experiences

ceo.hosting

Sharing thoughts & experiences

-------------------------------

Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845

I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours.

From: CPWG <cpwg-bounces@icann.org> on behalf of Carlton Samuels via CPWG <cpwg@icann.org>
Date: Tuesday, 27 February 2024 at 03:41
To: CPWG <cpwg@icann.org>
Cc: LAC-Discuss-en <lac-discuss-en@icann.org>
Subject: [CPWG] Hijacked subdomains of major brands used for spamming

[EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources.

....what do we know? And, when did we know it!

https://www.bleepingcomputer.com/news/security/hijacked-subdomains-of-major-brands-used-in-massive-spam-campaign/

Hijacked subdomains of major brands used in massive spam campaign

www.bleepingcomputer.com

A massive ad fraud campaign named

Carlton

==============================
Carlton A Samuels
Mobile: 876-818-1799
Strategy, Process, Governance, Assessment & Turnaround
=============================