ICANN Regains Control of X Account After Phishing Attack

The Internet Corporation for Assigned Names and Numbers (ICANN) has successfully regained control of its X (formerly Twitter) account following a phishing incident.

On February 11, 2025, an ICANN employee fell victim to a phishing attack, granting unauthorized access to the organization's X account. The infiltrators exploited this access to promote a fraudulent cryptocurrency token, urging followers to invest in the scam.

Although the misleading posts were swiftly removed, ICANN remained locked out of its account until March 3, 2025, when X restored their access. Subsequently, ICANN conducted thorough internal security assessments and fully reinstated regular account activities by March 6, 2025.

Upon regaining control, ICANN addressed the incident publicly:

Our @ICANN X account has been secured, and normal activity has resumed. On 11 February 2025, unauthorized messages were posted but have since been removed. We appreciate your patience and support as we resolved the issue. As a reminder, ICANN will never ask for payments or investments on social media. Thank you.

ICANN emphasized that all its social media platforms are protected by multi-factor authentication (MFA). Despite this, the breach occurred, highlighting the sophisticated nature of modern phishing tactics. The organization is actively investigating the root cause of the attack and plans to share detailed findings to help others bolster their cybersecurity measures.

This incident underscores the critical importance of vigilance against phishing attempts, even for organizations with robust security protocols. It serves as a stark reminder that continuous education and proactive security measures are essential in defending against evolving cyber threats.