Last week, computer hackers gained access and control of Comcast’s domain management system hosted by Network Solutions. The hackers took control over Comcast’s homepage and webmail for nearly five hours before they could regain control.
Article by Kevin Poulsen, Wired.com:
Comcast Hijackers Say They Warned the Company First
"…The hackers say the attack began Tuesday, when the pair used a combination of social engineering and a technical hack to get into Comcast's domain management console at Network Solutions. They declined to detail their technique, but said it relied on a flaw at the Virginia-based domain registrar.
Network Solutions spokeswoman Susan Wade disputes the hackers' account. "We now know that it was nothing on our end," she says. "There was no breach in our system or social engineering situation on our end."
However they got in, the intrusion gave the pair control of over 200 domain names owned by Comcast. They changed the contact information for one of them, Comcast.net, to Defiant's e-mail address; for the street address, they used the "Dildo Room" at "69 Dick Tard Lane."
Comcast, they said, noticed the administrative transfer and wrested back control, forcing the hackers to repeat the exploit to regain ownership of the domain. Then, they say, they contacted Comcast's original technical contact at his home number to tell him what they'd done…"
"…The hackers say the flaw they exploited still exists, and that other large websites are equally vulnerable. Asked if they plan to attack anyone else, EBK says, "Who knows. Only Kryogeniks knows"… "
We receive calls from companies and individuals every week indicated that they have lost control of their domain names. We have posted about protecting your domain name portfolios in prior posts:
Protecting Your Domain Name on the Internet
Protecting Your Domain Name: Control is the Key
One of the Rarely Discussed Benefits of Domain and Website Development
How to Retrieve a Stolen Domain Name
What Are Your Domain Name, Trademarks and Web Traffic Worth?
We are currently representing one client under the Anticybersquatting Consumer Protection Act (ACPA) In Rem provisions in a case pending in Virginia, the home base for Verisign. It is unclear whether the Comcast domains were lost as a result of a phishing attack, wherein Comcast would have responded to an email allegedly from Network Solutions, but had actually been generated by the hackers. Such phishing emails are designed to obtain enough information to allow them to hack into the registrant email account, or directly into the registrant login at the registrar. In any event, millions of dollars in online assets are at stake for most companies with a significant internet presence. Protecting that asset means protecting the registrant login information and choosing a reputable registrar. Network Solution, Tucows, eNom and many others are, from my point of view, not secure. Moniker provides a layer of registrant security which these other registrars do not. Right now, I bet Comcast wishes they had selected a more secure registrar such as Moniker to protect their domain names.
Comments
You can follow this conversation by subscribing to the comment feed for this post.