The ISC Website ( was recently compromised and was found to be serving malware.

Michael McNally mcnally at
Tue Dec 30 03:19:03 UTC 2014

On 12/29/14 3:29 PM, Sten Carlsen wrote:
> Hi, Thanks for info.
> While I think I have not been in danger, the one info I did not see is:
> - when was the incident happening?
> I would really suggest to give earliest and latest estimate,
> this might help determine if one is in danger.

Unfortunately the timing of this discovery hit us when many of our
staff were spending time with their friends and family over various
winter holidays.

We are continuing to analyze the incident to learn what we can about
the timeline but although we have some theories about when the
compromise occurred they are not definitive and we would rather
over-warn than give people an assurance that if they visited before
$date that they were safe if there is any chance that that assurance
could turn out to be mistaken.

Even if not exposed by visiting us, this particular exploit appears
to affect a considerable number of sites, many of whom are not yet
aware of it.  The safest, and recommended, course of action, is to
assume that you could have been exposed, either by ISC or by another

Michael McNally

More information about the dhcp-users mailing list