In a statement released this week, officials said the hijacking was the result of a security breach at the registrar that manages the affected domains. Though the statement does not name the registrar, a WhoIs search shows the New York-based Register.com manages the domains affected. Not all of ICANN's domains were affected: it's main .org address was not hit during the attack.
Just days after ICANN members voted to open up top-level domains, Turkish hackers calling themselves NetDevilz rerouted traffic from some of the domains used by ICANN and the Internet Assigned Numbers Authority.
Visitors to certain domains on June 26 instead saw the message, "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us?"
In its statement, ICANN said the attached was launched against the registrar, not ICANN itself.
"It would appear the attack was sophisticated, combining both social and technological techniques, but was also limited and focused," the organization said. "The redirect was noticed and corrected within 20 minutes; however, it may have taken anywhere up to 48 hours for the redirect to be entirely removed from the Internet."
ICANN noted it has launched an internal review of its security procedures in light of the attack.