State-sponsored hackers have breached ICS-Forth, the organization that manages Greece’s top-level domain country codes of .gr and .el.
ICS-Forth, which stands for the Institute of Computer Science of the Foundation for Research and Technology, publicly admitted to the security incident in emails it sent ot domain owners on April 19.
The hackers behind the breach are the same group detailed in a Cisco Talos report from April, which the company named Sea Turtle.
The group uses a relatively novel approach to hacking targets. Instead of targeting victims directly, they breach or gain access to accounts at domain registrars and managed DNS providers where they make modifications to a company’s DNS settings.