IEDR Take Website Offline Following High Profile Domain Hijacks

The IEDR websites are currently unavailable.

However this time there is a holding page which carries a simple explanatory message:

IEDR systems are currently unavailable. We apologise for the inconvenience to our customers.

As you may be aware, there was a security incident on Tuesday 9th October, involving two high profile .ie domains.

There was an unauthorised access to one Registrar’s account which resulted in the change to the DNS nameserver records for the two .ie domains.
The IEDR worked with the Registrar to ensure that the nameserver records were reset and corrected promptly.
Simultaneously, IEDR commenced an investigation and analysis, with the assistance of external security experts.

Based on the results of the investigation and the recommendation of security experts,
IEDR are bringing its external web-based systems off-line, commencing at 22:00 hours, in order to perform additional analysis.

Gardai have been notified and IEDR has requested that the Garda Bureau of Fraud Investigation conduct an investigation into this external attack on the .ie namespace.

IEDR will provide further updates on this web page as additional information becomes available.

IEDR Team

Here’s a screenshot of what visitors to the IEDR’s site see:

This follows on yesterday’s incident when both google.ie and yahoo.ie were hijacked, with their nameservers being updated to an unauthorised 3rd party’s.

The WHOIS server for .ie is back online this morning, though it had been taken offline with the websites last night prior to the current holding page being put online.

More on this as it develops.