Forums
New posts
New posts
Search forums
Market
Domains/Websites Wanted
.com Domain Market
gTLD Domain Market
ccTLD Domain Market
Web3 Domain Market
Third-Level Domain Market
Adult Domain Market
What's New
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Account Upgrade
Premium Members Directory
Log in
Register
What's New
calendar
Search
Search
Search titles only
By:
New posts
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.
Forums
Domain Discussion
Domain Name Legal Issues
Domains Stolen: 495.com 9985.com 8870.com 8832.com, Etc.
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="vano" data-source="post: 2224775" data-attributes="member: 2925"><p>Update 2: It seems we managed to find out how that all happened.</p><p></p><p>Most likely we had OK protection for the main account at eNom, i.e. a strong enough password, no malware on PC, etc.</p><p></p><p>However, we probably forgot about a single domain passwords, or whatever they call those passwords that are assigned to each domain.</p><p></p><p></p><p>We bought the mentioned domains from other guys and domain auctions (all about a year and more ago) and all the domains were originally at eNom and thus they were free-pushed to our enom account.</p><p></p><p></p><p>We did not realise that at eNom the single domain passwords might be passed to the destination account when the domain is free-pushed.</p><p></p><p>So, it seems we passed some easy-to-guess single domain passwords for each of the mentioned domains when we pushed the domains to our enom account, and the thiefs could guess those passwords via <strong>access.enom.com</strong>, than they changed whois and pushed domains to another enom.com account, and then they immediately transferred to Godaddy.</p><p></p><p>(it seems everything were completed within few min-hours)</p><p></p><p></p><p>Rhetorical Questions:</p><p></p><p>1). why enom.com did not put their 7 days hold between push to other account and transfer to other registrar?</p><p></p><p>2). is access.enom.com protected against password guessing attack?</p><p></p><p></p><p>Unfortunately, no meaningful updates from enom/godaddy so far..</p><p></p><p></p><p>Regards,</p><p></p><p>-Vano</p></blockquote><p></p>
[QUOTE="vano, post: 2224775, member: 2925"] Update 2: It seems we managed to find out how that all happened. Most likely we had OK protection for the main account at eNom, i.e. a strong enough password, no malware on PC, etc. However, we probably forgot about a single domain passwords, or whatever they call those passwords that are assigned to each domain. We bought the mentioned domains from other guys and domain auctions (all about a year and more ago) and all the domains were originally at eNom and thus they were free-pushed to our enom account. We did not realise that at eNom the single domain passwords might be passed to the destination account when the domain is free-pushed. So, it seems we passed some easy-to-guess single domain passwords for each of the mentioned domains when we pushed the domains to our enom account, and the thiefs could guess those passwords via [B]access.enom.com[/B], than they changed whois and pushed domains to another enom.com account, and then they immediately transferred to Godaddy. (it seems everything were completed within few min-hours) Rhetorical Questions: 1). why enom.com did not put their 7 days hold between push to other account and transfer to other registrar? 2). is access.enom.com protected against password guessing attack? Unfortunately, no meaningful updates from enom/godaddy so far.. Regards, -Vano [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Domain Discussion
Domain Name Legal Issues
Domains Stolen: 495.com 9985.com 8870.com 8832.com, Etc.
Top
Bottom