How to steal a domain name....

[GeorgeK]

Today's lesson is on how to steal a domain name.....

Step 1. Find a high value domain name with an invalid administrative email address, preferably one that is not actively being used so that it won't be noticed.

Example: nigger.com, nigger.net, nigger.org (owned by NAACP)

Step 2. Note in the WHOIS that the admin email is thawley@BAWAVE.COM, which until yesterday was on a domain (BAWAVE.com) that had long expired and been deleted.

Step 3. Register the aforesaid domain name in Step #2. Oh my, some folks have caught on, as you can see the WHOIS for BAWAVE.com, freshly registered yesterday:

Registrant:
Nigger Inc spring888@hotmail.com +62.3189598
Hendra Gunawan
JL. Bengawan 56
Surabaya,Jawa Timur,Indonesia 60000

Domain Name:bawave.com
Record last updated at 2002-11-04 20:31:57
Record created on 2002/11/4

Step 3a: Ideally, make the registrant in step 3 very obscure, like in a far away land.

Step 4: Activate the domain in Step #3 so that email is working, namely the email address in Step 2.

Step 5: Initiate a transfer request, and accept using the email in step 4.

Step 6: Enjoy

Given the NAACP's inability to fix the problem (I emailed them about this months ago), I acquired a SnapBack, in case someone tried to take the name. I imagine now that the process is unveiled, someone at Verisign (Chuck?) or at ICANN will do something.....(maybe someone in Washington, DC can give the NAACP a call, or something....

[uncle]

it's a well known method and it's pretty annoying that the owners of the stolen domains often don't care..

maybe it should be legalized..

[James Names]

George, I guess I'm wondering why you'd pay $69 for a snap but not $8 to register BAWave.com yourself?

[GeorgeK]

Honour.

[GeorgeK]

(I had already paid for some SnapBacks previously, so the actual cost was zero; if NAACP reads their email, they could have avoided making it such a tempting target, as I warned them months ago, to no avail)

[James Names]

You might want to notify Verisign, although they could probably care less too.

[WildCard]

Yes, verisign will need you to fax all that info to them - unless you want priority processing, which will cost $30. ;-)

Yes, I hate the way they move. Interesting post though. I didn't realize this type of action was available.

-WC-

[GeorgeK]

I posted it on the DNSO GA mailing list (cc'd to Verisign and ICANN), and also to ICANNWatch.com, so somebody should get the message.

NAACP will get the name back, if it's stolen, that's for sure. Those thieves give the rest of us a bad name, though. Would be nice to nail one of them.

[jberryhill]

You know, you can do this with IP address blocks as well.

Check out the IP address block in which cubaweb.cu, along with a bunch of Cuban government websites, is located.

Then, check out the whois for the domain name registration corresponding to the contact email address for that IP address block.

Cigars, anyone?

[GeorgeK]

Update -- admin emails now fixed

Kudos to Richard Lau of MyDomain.com, for helping to get this fixed. The NAACP has updated the admin email of the domains at risk, so that they can't be hijacked the 'easy' way.

Hopefully this is a lesson ICANN and others can learn from, in formulating policy regarding accurate WHOIS (scrubbed to fix data errors, to protect innocent registrants) and transparent WHOIS (to make it harder to commit cybercrimes, the average person can identify a crime that might be about to happen).

[Fearless]

If I had detected this, I would have spent $6.95 and registered the deleted name. Then after I hijacked the names I would contact the NAACP and say, see I told you so. Maybe they would pay a reward. If not, I'm only out $6.95.

[mole]

Hahahahahaaaaa... that's not stealing, that's getting a name from someone who deserves to lose it.

[Nic]

Originally posted by GeorgeK
Today's lesson is on how to steal a domain name.....

Step 1. Find a high value domain name with an invalid administrative email address, preferably one that is not actively being used so that it won't be noticed.

Example: nigger.com, nigger.net, nigger.org (owned by NAACP)

What are you doing checking those domains (nigger.com, nigger.net, nigger.org ) anyway:?

[Silverwire]

Today's lesson is on how to steal a domain name.....

I prefer the old fashioned way: Force the guy to change the registration at gunpoint, then shoot him.

[Silverwire]

Never mind, what was I thinking?


(i'm giving away my best domain name strategy secrets)

[thinkaholic]

How to steal a domain name??

Get a job at NetSol...

[Banned: ad-lib]

Just transferred Yahoo.com to my account. Thanks for the advice George.

[RMF]

I actually came across something like this the other day. I found a domain that had expired, and was used in the admin contact for a VERY large company. I sent them an email explaining what I found, and how they can fix it. I told them that they have a huge security problem that they should be aware of.

Sure, I could have registered that expired domain and stole their company domain from networksolutions, but I live in canada, doh. No, really though, I wouldn't want something like that to happen to me, and I would hope someone would contact me if I was in that situation ( However I doubt I would ever be in that situation ).

RMF

[morel]

Originally posted by Nic


What are you doing checking those domains (nigger.com, nigger.net, nigger.org ) anyway:?

Didn't we all look up naughty words in the dictionary as a kid ?
I think it's human nature.

[Banned: ad-lib]

If I was to change a hijacked domains ownership, to my actual (non-fraudulent) personal info. And sold it. What's the worse thing that could happen?