05|30|2008 02:57 pm EDT
Yesterday evening, a pair of hackers took control of Comast Corporation’s domain names. They were able to hack into the administration area within the registrar NetworkSolutions. Access to NSI allowed the hackers privilege to change the DNS records on Comcast’s main domain Comcast.net as well as over 200 other domain names. (Keep reading for more details)
The domain traffic was redirected to the hackers site displaying a proclamation that they “. . .RoXed COMCAST”. The page was displayed for up to 5 hours. The hackers also were able to change the administrative information on Comcast.net. Comcast provides internet and email services to roughly 14 million subscribers.
“the attack shows that old-fashioned account compromises are also sufficient to alter substantial amounts of web traffic.”
The Wired article points out that the hackers claim they were able to gain access to the Comcast domain account at NSI by a “combination of social engineering and a technical hack”, but NSI rep Susan Wade denies their claims. “We now know that it was nothing on our end. There was no breach in our system or social engineering situation on our end.” The hackers also claim that the vulnerability still exists with many other sites. Fortunately, for Comcast users, the hackers say that they did not grab any user information. It’s amazing that this sort of thing can still happen and is a wake up call for registrars, corporations and all domain name owners.
- Class Action Suit Against Network Solutions and ICANN Underway
- Domain Registrar Network Solutions Front Running On Whois Searches
- Network Solutions Enhanced Whois Listings Provide Advertising to 1 Million per Day
- Nigger.com – Network Solutions Promoting Racism and Profiting?
- Network Solutions Got Game – Hijacking Sub-Domains