Gmail Flaw Drives Domain Dupe
Own a blog? Like your domain name? Granted, it's hard to believe anyone would really want the first and last name of the average American for a domain, but that's exactly what happened to David Airey and davidairey.com. Hackers recently fudged a domain transfer on Airey's behalf, and then demanded a ransom for its return.
Airey is a web designer and, like many in the tech biz, takes his blog somewhat seriously. Not long ago, he decided to take a break from the stress of work, jetting with his girlfriend to India on an exotic vacation. Unfortunately for Airey, he returned to find that his blog had wandered off in the night.
Airey's vacation lasted a month, beginning on the 21st of November. When he returned recently, he was stunned to find that davidairey.com had 'disappeared'. Convinced that it was a domain expiration slip-up, Airey quickly contacted his host, ICDSoft. It didn't take long for the web designer to put two and two together: hackers had made a fraudulent domain transfer request via his web host support panel just as he was stepping on that flight bound for Asia. (Source: computerworld.com)
How had they done it?
According to reports, Airey's announcement on his blog tipped off hackers, who promptly attempted the transfer the day he left for India. They exploited a number of critical flaws in Gmail in order to complete the deal.
Of course, the hackers don't appear to have taken much interest in davidairey.com or its content. They saw a web designer passionate about his blog, and when he demanded a reverse in the transfer (a request his host could do nothing about), the hackers demanded he pay $650 to get it back. Shortly thereafter, the web fiends dropped the price to $250. (Source: theregister.co.uk)
Luckily for Airey, it all worked out in the end. His domain registrar, GoDaddy.com, was eventually able to reverse the fudged transfer.
And yet, the lesson remains: be careful with your Gmail, and take a close look at settings to ensure similar hacks have not been made to your account.
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.