Domain Spats & Disputes

Two hackers highjacked the comcast.net domain in May, hacking into the domain’s registrar account and changing the DNS settings for the domain — which took down the ISP giant’s website and knocked out its webmail services for more than five hours.

According to the report in Wired, the hackers used a combination of technical hacking and social engineering to break into Comcast’s account with Network Solutions, which gave them access to change the nameservers for the comcast.net domain. A Network Solutions representative denied that NetSol’s system was compromised.

In gaining access to Comcast’s NetSol account, the hackers gained control of more 200 domain names in the account. They changed the contact information for comcast.net to the e-mail address of one of the hackers; for the street address, they used the “Dildo Room” at “69 Dick Tard Lane.”

In late June, a group of hackers in Turkey highjacked the domains icann.com, icann.net, iana.com andiana-servers.com. ICANN is the Internet Corporation for Assigned Names and Numbers, and IANA is Internet Assigned Numbers Authority. Together, these two organizations oversee the system that manages website nameserver and address information.

According to Zone H, the DNS records of the domains were redirected to point to hosting space at “atspace.com.” The hackers, a Turkish group called NetDevilz, posted this message at the redirected site:

“You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us?”

NetDevilz was the same group that highjacked the PhotoBucket domain previously.

According to the NYTimes, ICANN blamed the highjacking on a hack into its registrar, which was register.com.

The popular photo-sharing site PhotoBucket had its domain photobucket.com highjacked in June, reported The Register.

A Turkish hacking group called NetDevilz gained access to the domain’s DNS settings and changed the nameservers to send site visitors to a different site.

PhotoBucket drew criticism for not acknowledging the hack. According to ThatDanny, PhotoBucket said nothing initially, then finally posted an announcement blaming “an error in our DNS hosting services.” This kind of head-in-the-sand approach creates suspicion and mistrust among users.