How the Domain Names are Hijacked?

How the Domain Names are Hijacked?

No! This is not an article to help or encourage anyone trying to hijack a domain. Rather, this is like an eye-opener and a wake-up call for all those ignorant web-masters to secure their website domains.

From Wiki: Domain hijacking or domain theft is the process by which registration of a currently registered domain name is transferred without the permission of its original registrant, generally by exploiting a vulnerability in the domain name registration system.

Any website consists of 2 parts – a Domain Name System (or DNS) and a web-hosting server (where files reside). What this means is, in reality domain name and web server are 2 completely different entities and are integrated together before the website goes live.

When someone registers a domain name (say example.com) with a domain name registrar (like GoDaddy or Namecheap), he gets to use a control panel provided by the registrar. Using this control panel, he would have to point his domain to his web servers which might be hosted elsewhere. Now whenever an Internet user types “example.com”, the domain name “example.com” is resolved to the target web server and the web page is displayed.

How the Domain names are Hijacked?

A domain can be hijacked only when the domain’s control panel is compromised. In order to gain access to the control panel, you would need these 2 details about the domain

1. The domain registrar name and
2. The administrative email address associated with the domain.

Getting these 2 details is not too tough. Just use a WHOIS service (like DomainTools or whois.net) to lookup the details related to that domain. Under WHOIS Record, you will get to see both the registrar name and the administrative contact email address.

This administrative contact email address is the key to hijack a domain. Once the hacker hacks into this email’s inbox, he will be able to change and control the domain as he likes. Now, hacking an email is a completely different topic. Usually a hacker sends a phishing email containing a fake login page, fooling the user to reveal his email id and password. More sophisticated ways include using keyloggers embedded within an email.

Once the hacker takes full control of this email account, he visits the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.

How to Protect your Website Domain from Hijacking?

If you have read the above part carefully, you would already know the answer for the current question. Yes! keeping your administrative email address associated with your domain secure and safe is the key. I would suggest you to go for private domain registration or WHOIS guard privacy. This would cost you around $3 per year or sometimes, you might get it for free as well.

When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy.

Even with WHOISGuard ON, people can still contact you via a routing email Id provided by WHOISGuard. Some hackers might try to make use of this routing email id to contact you for link exchange or buying text links, so that they get to know your administrative email address if you choose to reply to their requests. Make sure you don’t entertain such requests coming via WHOIS.

Courtesy techpp.com

  • Niki Zerbel
    Posted at 22:10h, 03 November Reply

    Hello, how’s it going? I hope you do well. I needed to say that I like this article.

  • Ahmed Wassam
    Posted at 03:39h, 05 November Reply

    I feel that it is best to write extra on this matter How the Domain Names are Hijacked? | Sainfoinc TechnologySainfoinc Technology. It may not be a taboo topic however generally individuals are not sufficient to speak on such topics.

  • Andrew Pelt
    Posted at 20:14h, 27 November Reply

    I just want to mention I am just all new to blogging and site-building and seriously enjoyed your blog. Very likely I’m going to bookmark your site . You really have perfect posts. Thanks a lot for revealing your web page.

  • Nickie Cusano
    Posted at 10:32h, 11 December Reply

    This posting was stored like a favorite :), I like your site!

  • Denae Horkley
    Posted at 11:32h, 12 December Reply

    I simply want to tell you that I’m very new to weblog and definitely enjoyed your blog. Almost certainly I’m going to bookmark your blog . You certainly come with terrific articles and reviews. Appreciate it for revealing your webpage.

  • Luigi Fulk
    Posted at 16:29h, 15 December Reply

    I just want to tell you that I’m very new to blogging and site-building and certainly savored your web blog. Probably I’m planning to bookmark your blog . You absolutely come with really good posts. Bless you for sharing with us your blog site.

  • Tristan
    Posted at 02:11h, 22 December Reply

    Nice post. I was checking continuously this blog and I’m impressed!
    Very useful information specially the last part :
    ) I care for such info much. I was seeking this certain information for a very long time.
    Thank you and good luck.

Post A Comment