25 LLLL.COM domains was stolen.

[aaron123]

25 LLLL.COM domains was stolen.

The domains were transferred out of my GoDaddy account and were moved to a namesilo.com and 22.cn.

The following list of domains was stolen and is currently in the process of being reclaimed:

CJQP.COM
GKJM.COM
JHGS.COM
KBXM.COM
KGRQ.COM
KQLD.COM
KQMP.COM
KRNX.COM
KRPZ.COM
KSWN.COM
KWMZ.COM
KXDP.COM
KZGF.COM
KZTQ.COM
MTYN.COM
RZJB.COM
SXDF.COM
DRQW.COM
RQCQ.COM
PQKT.COM
QFPW.COM
GYLZ.COM
GGYL.COM
GYLG.COM
GYLN.COM

Please don't buy those domains.

 

[Chirag]

I proceeded to log out then in 5 times and each time it would come to the code page I would receive the text in seconds

Well the code reaches instantly or within 1 min most of the time, lets say 8/10 times but the other 2 times it goes in delay for 1 hr or more and you need to access the account urgently, you are F***ed-UP then.....

 

[MasterOfMyDomains]

I would be pissed too if it took that long. It must be your carrier. I did notice that each code comes from the same telephone number. Maybe add this number to your list of contacts. (480) 351-**** is the number it comes from at this end.
I also did the 2 step at namesilo. You need to download an app that displays a code, you must enter on pc to login.

Namesilo gave me the option of checking a box saying this pc is safe and 2 step is not needed from this computer. Not sure if godaddy offers that. Namesilo uses an authy app. Can you have the code emailed to be faster?

 

[Chirag]

using authy is better option imho. And about the delay due to network provider then I would like to add; same number received code within 1 min from namecheap when i had issues with godaddy.

 

[MasterOfMyDomains]

Anyways lets hope Aaron gets back those domain names. Did you have other names in there that they did not take?

 

[aaron123]

Anyways lets hope Aaron gets back those domain names. Did you have other names in there that they did not take?

Yes.I woke up early that day.I see the domain contact change and transfer out godaddy mail.I immediately contact godaddy customer service help me change the password.

 

[MasterOfMyDomains]

I think you will get them back. Lets hope the word gets out and noone buys these names. Keep us posted.
where they listed on sedo,afternic? for sale?

 

[aaron123]

I think GoDaddy still has a flaw. When I changed the password, hackers can still operate my account

 

[aaron123]

I think you will get them back. Lets hope the word gets out and noone buys these names. Keep us posted.
where they listed on sedo,afternic? for sale?

Thanks.Those domains 3 domains on 22.cn and 22 domains on namesilo.com

 

[MasterOfMyDomains]

I meant did you have them listed on any marketplace for sale. Like sedo.com or at godaddy auctions?

Members will search them out just to see if they can find them.
Lets hope namesilo has their chit together and does not allow a transfer out. I use them and they seem very legitimate.
Was the godaddy password one that you used at other places like forums or other domain sites, or was it unique only to goodaddy?

 

[NameOmnia]

I think GoDaddy still has a flaw. When I changed the password, hackers can still operate my account

Wait WHAT??? How's that possible @Joe Styler ?

Please aaron123 let us know if Namesilo will act as professionals or not. I am all for deleting untrustworthy registrars from my list of potential ones.

 

[MarketingArchi]

I reached out to Aaron via PM. We do allow expedited transfers many people like this, especially domainers who want to get a sale taken care of quickly so they can get paid sooner and before the buyer changes their mind. We do offer two factor authentication which I personally use and recommend everyone else use to keep their domains safe. Almost every time when I see names stolen two factor would have prevented it. We looked at the google app to do 2fa overseas but decided against it because we wanted to build something ourselves that we felt was a more secure option. I am not saying Google is not secure, I won't go into all the things we looked at but we looked long and hard at many options and picked the one we think is most secure for our customers. We have an expert team that helps with recovering stolen domains and they have been very successful in the past and I hope they will be in this case as well. Whenever someone loses a domain we all feel it, everyone knows how important a domain name or in this case many domains are to your business and that is extremely important to us and we will do everything we can to help. Recovering names that move overseas is not a quick process but we stay at it. I think coming out to let people know publicly is the right thing so that people will not buy the domains.

sms authentication is not reliable in non US countries, you should consider Google Authenticator

 

[aaron123]

Wait WHAT??? How's that possible @Joe Styler ?

Please aaron123 let us know if Namesilo will act as professionals or not. I am all for deleting untrustworthy registrars from my list of potential ones.

Ok thanks.

When I finished reset my password, I log in godaddy and I found I had been stolen 20 domains on GoDaddy.I began to lock all the domains.But after a moment I found my domain name was unlocked.And I found My account had been stolen 25 domains.I'm not sure this is a problem.

 

[discobull]

Ok thanks.

When I finished reset my password, I log in godaddy and I found I had been stolen 20 domains on GoDaddy.I began to lock all the domains.But after a moment I found my domain name was unlocked.And I found My account had been stolen 25 domains.I'm not sure this is a problem.

It sounds like the problem might be with your computer being infected with a key logger or possibly the hackers have access to your email account. I can't tell for sure based on the information you provided, but I would at the very least log in from a different computer that is known to be clean and then change the email address for your godaddy account to a brand new email address.

If you don't have access to another computer, an alternative would be to download a free LiveCD ( eg Knoppix, PCLinuxOS, etc. ) and boot from the CD instead of your hard drive so you know for sure that you're logging in from an uninfected operating system.

 

[Jen-Sin]

@Joe Styler, can I suggest that an additional layer of security be added for push and transfer for domains by requiring a SMS code verification.

Just like how some banks require the same when we want to add a new payee, or do a fund transfer.

 

[discobull]

@Joe Styler, can I suggest that an additional layer of security be added for push and transfer for domains by requiring a SMS code verification.

Just like how some banks require the same when we want to add a new payee, or do a fund transfer.

Godaddy has something like that, but not for all accounts. If you have a premier services account, you can request that all transfers be confirmed via a phone call from one of their reps.

 

[Jen-Sin]

Godaddy has something like that, but not for all accounts. If you have a premier services account, you can request that all transfers be confirmed via a phone call from one of their reps.

How many of us have more than 200 domains and/or annual spending with more than US$5k / US$10k?

This should be offered to all accounts, at least in an automated SMS/phone way. No need to waste manpower to call us. I wonder what's the volume of transfer GoDaddy handles each day, but investing in such a system should make good sense in the long term.

HiChina is one registrar that requires SMS verification before they allow domain push or request of auth code. It frustrates me few days ago (must be their week long holidays) when I'm not receiving their SMSes, but it's working fine now. At least I know it's secured.

 

[moustafa]

I reached out to Aaron via PM. We do allow expedited transfers many people like this, especially domainers who want to get a sale taken care of quickly so they can get paid sooner and before the buyer changes their mind. We do offer two factor authentication which I personally use and recommend everyone else use to keep their domains safe. Almost every time when I see names stolen two factor would have prevented it.

Hello there @Joe Styler How can i enable the two factor authentication in my account? Is it accepted only to account holders from the USA?

 

[Jen-Sin]

Hello there @Joe Styler How can i enable the two factor authentication in my account? Is it accepted only to account holders from the USA?

https://www.godaddy.com/help/enable-two-factor-authentication-7502

 

[moustafa]

With 2-Step Authentication enabled, you have to enter the code every time you log in. If you log in frequently or have multiple users accessing your account, we do not recommend using 2-Step Authentication.

Frequently = How many times per day? or what is my maximum number of logs per day using this 2-Step Authentication? and is there any fee for it?

 

[discobull]

So Godaddy is one of those registrars that still allow to expedite transfers...Maybe it's time to make a change to this? NameCheap seems to become a better alternative every day more..

Namecheap has also recently reverted to offering expedited transfers. Personally, expedited transfers are my preference but if you want to use a registrar that doesn't have that option, then namecheap is not the place to go. I'd also add that I've found myself having to contact namecheap customer service to fix problems ( eg Nameservers can't be updated, Domain transfer attempts generate error messages, etc. ) more often than other registrars. They also don't allow outbound transfers of expired domains even 1 minute after expiry even though that's a violation of ICANN rules. I'm not a fan.

I think Name.com would be a better option. No expedited transfer and they have google authenticator based 2FA so you don't have to worry about international sms issues. They also offer free privacy with a coupon code and are part of the afternic premium network so if you list them on Afternic your domains would show up for for sale in Godaddy's registration path just as they would if t were with GoDaddy.

 

[discobull]

Frequently = How many times per day? or what is my maximum number of logs per day using this 2-Step Authentication? and is there any fee for it?

It's free and there's no maximum. The point is that if you log in frequently it becomes annoying because you have to wait for an sms each time. I log in multiple times a day and it doesn't bother me too much. Where it can be annoying is when you're bidding on many auctions over the course of the day, but I suppose you could always open a second account that doesn't have 2fa and use it for bidding on auctions. Then just push the domains you win to your primary account once you have them.

 

[discobull]

How many of us have more than 200 domains and/or annual spending with more than US$5k / US$10k?

I realize that. Your suggestion is a good one. I just wanted to point out the option for those that qualify. I personally don't use that feature because it sounds like too much of an inconvenience to have to wait for a phone call each time...

 

[SirDrago]

It sounds like the problem might be with your computer being infected with a key logger or possibly the hackers have access to your email account.

Exactly my thought.
Might want to scan your computer with a "Online" scanner. Try Eset Nod32 scanner.

 

[aaron123]

Exactly my thought.
Might want to scan your computer with a "Online" scanner. Try Eset Nod32 scanner.

I use two browsers to test.The result is the same.I have modified the password in a browser, and the other browser can still operate the domain name management

 

[SirDrago]

I use two browsers to test.The result is the same.I have modified the password in a browser, and the other browser can still operate the domain name management

Download ATF Cleaner and use it.
Also..
Right click your C: drive hit properties "Clean disk" select all OK
(Assuming Windows O.S)