According to the temporary blog set up by MakeUseOf.com, the MakeUseOf.com domain was highjacked right out of the owner’s GoDaddy account.
According to the report, the attacker somehow got the GoDaddy account details by hacking into the account holder’s Gmail account. Apparently, social engineering was also used to convince GoDaddy to go ahead and transfer the domain immediately.
Both eNom and Network Solutions, two very large registrars that handle millions of domain registrations, are the target of a major phishing attack. It is believed that the perptrator(s) purpose is to acquire the login details for victims’ domain registrar accounts and thereby steal or otherwise compromise their domain registrations.
The phishing warning on Network Solutions home page
Phishing warning on eNom
If you receive any e-mail about your domain registration (or any other online account you may have) you should never click any link in the e-mail. Go the website where you have your account by entering the address in the address bar of your browser.
And it never hurts to drop into your domain registrar account to double-check that your contact information (particularly your e-mail address) is current, and to lock your domain, if your registrar offers such an option.
In late June, a group of hackers in Turkey highjacked the domains icann.com, icann.net, iana.com andiana-servers.com. ICANN is the Internet Corporation for Assigned Names and Numbers, and IANA is Internet Assigned Numbers Authority. Together, these two organizations oversee the system that manages website nameserver and address information.
According to Zone H, the DNS records of the domains were redirected to point to hosting space at “atspace.com.” The hackers, a Turkish group called NetDevilz, posted this message at the redirected site:
“You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us?”
NetDevilz was the same group that highjacked the PhotoBucket domain previously.
According to the NYTimes, ICANN blamed the highjacking on a hack into its registrar, which was register.com.