How not to get your domain hijacked


You have probably read about the interesting Comcast domain hijack a few weeks ago, which took very little technical skill. Apparently two hackers were able to social engineer their way into the Comcast domain registration account that is managed by Network Solutions. Once they had access, they apparently changed the domain's DNS records to point to name servers under their control, thus hijacking the domain. For a short time they redirected Comcast users to a web page stating the following:

“KRYOGENICS Defiant and EBK RoXed Comcast, sHouTz to VIRUS Warlock elul21 coll1er seven.”

Here’s the best part (from the Wired article):

Network Solutions spokeswoman Susan Wade disputes the hackers’ account. “We now know that it was nothing on our end,” she says. “There was no breach in our system or social engineering situation on our end.”

Deny, deny, deny… I'm not surprised at this response, since it makes providers like Network Solutions look really bad. Sooner or later all the details about how these guys did it will come out… then the truth will be told.

In the meantime…what can you do to prevent your site from being the next Comcast? Believe it or not…Network Solutions actually has a few good suggestions! Note: this was apparently posted after the Comcast domain hijacking incident…hmmmm…coincidence or not? 🙂

Seriously though. I don’t blame Network Solutions entirely as many companies forget that domain registrations require maintenance and regular review of the security controls around them. By the way, the Wired article that I mentioned above is a great read…and probably the best article currently out there on the hijack.
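As a sketch of what a regular review could check, the following added example (not from the original post or from Network Solutions) compares a WHOIS record against a known-good baseline and reports name server changes of the kind described above, missing registrar locks and a near expiry date. The sample record, the `.test` names, the required-lock policy and the 60-day threshold are assumptions constructed for illustration.

```python
from datetime import date, datetime

# Constructed sample in the common registry WHOIS layout (not real data).
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.TEST
Registry Expiry Date: 2030-03-01T04:00:00Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.EXAMPLE.TEST
Name Server: NS9.ROGUE-DNS.TEST
"""
# Assumed policy: EPP locks expected on a high-value domain.
REQUIRED_LOCKS = {"clienttransferprohibited", "clientupdateprohibited"}

def parse_whois(text):
    """Collect name servers, status codes and expiry date from WHOIS text."""
    rec = {"ns": set(), "status": set(), "expiry": None}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep or not value.strip():
            continue
        key, value = key.strip().lower(), value.strip()
        if key == "name server":
            rec["ns"].add(value.lower().rstrip("."))
        elif key == "domain status":
            rec["status"].add(value.split()[0].lower())  # drop the trailing URL
        elif key == "registry expiry date":
            rec["expiry"] = datetime.strptime(value[:10], "%Y-%m-%d").date()
    return rec

def review_registration(text, baseline_ns, today, min_days=60):
    """Return findings; an empty list means the record matches the baseline."""
    rec = parse_whois(text)
    baseline = {n.lower().rstrip(".") for n in baseline_ns}
    findings = []
    for ns in sorted(rec["ns"] - baseline):
        findings.append(f"unexpected name server: {ns}")
    for ns in sorted(baseline - rec["ns"]):
        findings.append(f"baseline name server missing: {ns}")
    for lock in sorted(REQUIRED_LOCKS - rec["status"]):
        findings.append(f"lock not set: {lock}")
    if rec["expiry"] is None:
        findings.append("expiry date not found")
    elif (rec["expiry"] - today).days < min_days:
        findings.append(f"expires in {(rec['expiry'] - today).days} days")
    return findings

if __name__ == "__main__":
    for f in review_registration(SAMPLE_WHOIS, ["ns1.example.test", "ns2.example.test"], date(2030, 1, 15)):
        print(f)
```

Run on a schedule against the live WHOIS output for each domain you own, any non-empty result is a prompt to log in to the registrar account and confirm who made the change.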

