Domain Spats & Disputes

TechCrunch reported in April that Network Solutions was highjacking subdomains to serve advertising-link filled pages when a user requests a subdomain that isn’t used by domains hosted with NetSol.

This means, for example, that if I hosted domainspats.com with Network Solutions, and if I did not set up a subdomain for domains.domainspats.com, or spats.domainspats.com, or anything.domainspats.com, if anyone typed that address into their browser, instead of getting my standard error page, they would get a page filled with ads for which NetSol gets paid.

This would include domains that aren’t set up to resolve the www version of the domain (e.g., www.domainspats.com), and even with www set up properly, it would apply to any and all typos, such as 222.domainspats.com or eee.domainspats.com, or ww.domainspats.com or wwww.domainspats.com.

According to TechCrunch, this practice is affecting hundreds of thousands of sites hosted with Network Solutions.

Shame on Network Solutions. It’s not the first time they’ve been caught engaging in questionable behavior, and it almost certainly won’t be the last.

Two hackers highjacked the comcast.net domain in May, hacking into the domain’s registrar account and changing the DNS settings for the domain — which took down the ISP giant’s website and knocked out its webmail services for more than five hours.

According to the report in Wired, the hackers used a combination of technical hacking and social engineering to break into Comcast’s account with Network Solutions, which gave them access to change the nameservers for the comcast.net domain. A Network Solutions representative denied that NetSol’s system was compromised.

In gaining access to Comcast’s NetSol account, the hackers gained control of more 200 domain names in the account. They changed the contact information for comcast.net to the e-mail address of one of the hackers; for the street address, they used the “Dildo Room” at “69 Dick Tard Lane.”

The popular photo-sharing site PhotoBucket had its domain photobucket.com highjacked in June, reported The Register.

A Turkish hacking group called NetDevilz gained access to the domain’s DNS settings and changed the nameservers to send site visitors to a different site.

PhotoBucket drew criticism for not acknowledging the hack. According to ThatDanny, PhotoBucket said nothing initially, then finally posted an announcement blaming “an error in our DNS hosting services.” This kind of head-in-the-sand approach creates suspicion and mistrust among users.