.nl registry has been hacked

The SIDN (.nl-registry) reported earlier today that one of their servers had been compromised. Malicious software had been installed and the hackers even had access to a list of user-names of registrars and encrypted passwords. The registry hasn’t revealed how safe this encryption was, but abuse of these passwords isn’t ruled out.

Because of this, until further notice no technical updates to .nl domain names are possible. The registry stopped carrying out nameservers updates yesterday at 10pm CET. It isn’t clear yet when they will publish new zonefiles again.

According to the Dutch newssite WebWereld, hackers came in through a SQL-injection which was possible due to a vulnerability  on a sub-site to celebrate the 25’th anniversary of the SIDN. Apparently this site was hosted within the same system as registry critical applications and had access to the password-file.