The website for the .be registry was hacked during the night on Saturday 27 July. DNS Belgium have issued a statement saying it was again the victim of a defacement with the hacking community apparently turning their sights on their website.
The cause was a vulnerability in an upload script which led to a leak in the Content Management System. This meant the hacker was able to deface the website. The website was restored within the hour and the vulnerable upload script was made inaccessible.
On closer examination however, DNS.be realised there seemed to be malicious software on their web servers that led to the websites taken offline temporarily. After removing the malicious software, the Content Management System was reinstalled.
DNS.be’s technical department is currently further analysing the deface attack. In a statement the registry says first reports are reassuring and indicate no data was stolen or modified from registrars or registrants. Except for the web server, no other systems (such as the registrar platform and the resolving service) seem to be compromised at this moment.
New patches are currently being tested and all going well rolled for the Content Management System within the next few days.