Domains Stolen from GoDaddy, Four 3 Letter .com's

[BinderGang]

I have discovered over the past few weeks that following domains were stolen from my GoDaddy account by an overseas IP address:

HGX.com
WKZ.com
UKR.com
QVO.com
AtlantaFashion.com

The domains are now registered to a person using the email [email protected]. He is using fake whois information, a fake number, he charged back the domain reseller whom he transferred the domains to, faked email correspondence between myself and him, and is saying he paid by in untraceable Bitcoin.

I have been in constant email contact with Enom and Internet.BS. The two domain registrars whom the domains were transferred to. Yet both registrars are doing little to nothing and now I am going to have to explore my legal options.

Does anyone have any experience in this? Any good contacts to get in touch with. I appreciate your help.

 

[NameOmnia]

Jesus..I am upset every time I read about this kind of thing. But how did they do it?
It really takes someone good to steal all your passwords and also to redirect the messages from GODaddy to your email address ( the ones with the codes ).

Are you sure you don't have a trojan in your computer? Or maybe you logged in in a public place?? A lot of public wifi connections are not protected and secure

 

[joshny]

Damn, you should file a report with both the registrars , i'm sure you did, and then just start the legal procedure, consult your attorney
He will tell you to record your statement along with all proof and proceed accordingly

 

[BinderGang]

They managed to get into my email account somehow (I've had all these domains since 2009 or earlier and just discovered my email account was getting bombarded with hacking attempts left and right). I had what I assumed was a secure password, I guess not. The person forwarded my GoDaddy emails to themselves it seems and had them deleted before I could see them.

 

[RevolutionaryDomains]

.

I have discovered over the past few weeks that following domains were stolen from my GoDaddy account by an overseas IP address:

HGX.com
WKZ.com
UKR.com
QVO.com
AtlantaFashion.com

The domains are now registered to a person using the email [email protected]. He is using fake whois information, a fake number, he charged back the domain reseller whom he transferred the domains to, faked email correspondence between myself and him, and is saying he paid by in untraceable Bitcoin.

I have been in constant email contact with Enom and Internet.BS. The two domain registrars whom the domains were transferred to. Yet both registrars are doing little to nothing and now I am going to have to explore my legal options.

Does anyone have any experience in this? Any good contacts to get in touch with. I appreciate your help.

Contact a domain lawyer immediately. File a report with IC3. Additionally, get the Feds involved if need be, as there should be a local office right there in NY. They can trace all activity globally. Internet fraud is a major crime, and depending upon the dollar amount, could bring heavy consequences, regardless in which country the thieves are hiding. The arms of the Law reach far and wide in this day and age, especially with regard to the internet. Just because they may not live in the US doesn't mean they can't be found and brought to justice. A little pressure on the registrars and they should be able to transfer the names back to you, but again, this is something for the aforementioned entities to advise you of. Good luck and do keep us posted.

 

[.NJ]

Just out of curiosity,

I see you were selling these names throughout the years in the past including Flippa and multiple forums.

Any reason they never sold?

It seems your guy also owns UKR.com.

Here >who.is

 

[BinderGang]

Just out of curiosity,

I see you were selling these names throughout the years in the past including Flippa and multiple forums.

Any reason they never sold?

It seems your guy also owns UKR.com.

Here >who.is

I received many offers ranging 4 to 5 figures for each. Never wanted to sell and decided to hold.

 

[Name Trader]

I would consult a lawyer asap. You need to contact both registers using the language they suggest (or get them to do it).

 

[timestamp]

I'm curious too:

- what is your email provider? gmail, yahoo...
- how often do you use email?
- what was your password? Just type it here, I wanna see how complex it is
- where did you get email correspondence?
- did you use whois privacy?

 

[uswebdev]

I had what I assumed was a secure password, I guess not.

You may want to consider changing all your passwords on everything asap since they had access to your emails and god knows what else.

I find Keepass a useful tool to manage passwords. It's at keepass.info and lets me easily manage good unique passwords for multiple logins for email, websites and desktop applications.

 

[domainscp]

Sorry to hear this Binder, I swear bodily harm needs to be done to these people.

 

[BrandChimp]

what is your email provider?

 

[domainhacks-931385]

He is using Pacific Host for HGX, QVO and atlantafashion.com. Contact [email protected] and report him.

Also, he has a Sedo account since 2006 where he is parking WKZ.com. Here's what you can do

---
Reporting a Stolen Domain/ Stolen Domain Procedure
If you feel that one of the domains parked or listed for sale with Sedo has been hijacked from you, please comply with the following complaint procedure. In order to process your claim, please fax, ATTENTION LEGAL at (617) 499-7226 or email in PDF format to [email protected], a written statement on your company letter head (or in the case of an individual, a letter that includes all of your contact information) that states the following information:
When you originally registered the domain;
When you last registered or renewed the domain;
When you last had the domain under your control;
When you found out it had been stolen from you;
Whether or not you know or can name the person who is now in control of the domain;
The statement: “I have a good faith belief that the domain in question has been unlawfully removed from my control and the current registrant obtained the domain through fraudulent means.”
The statement: “I have either initiated a legal action with my local police or a currently unresolved complaint with the domain’s registrar to recover the domain.”
Once Sedo has received your complaint, an investigation will commence and you will be informed of the outcome within five business days.
---

 

[Arief WN]

...
I find Keepass a useful tool to manage passwords. It's at keepass.info and lets me easily manage good unique passwords for multiple logins for email, websites and desktop applications.

So, you put all your important passwords into just one basket.
How convenient is that for a password thief? :lala:

 

[Keral_Patel]

I don't have any 3 letters in my portfolio but I still keep 2 factor authentication on in my gmail.

Atleast that can add an extra layer of security even if the password is stolen.

Thanks.

 

[Domainerr]

Yup! Two level security authentication is a must to avoid hacking attempts,..having a 3 letter dot com is my dream...oh god..try your best to get back all your assets....i also noted that you are still keeping your Domain names in your signature, i think its not a good idea because Domain is under the control of hacker..am i wrong?..

 

[pelo]

Bitcoin works with an unprecedented level of transparency that most people are not used to dealing with.
All Bitcoin transactions are public, traceable, and permanently stored in the Bitcoin network.

Anyone can see the balance and all transactions of any address, i.e. use: http://blockexplorer.com/ or http://blockchain.info/

Hope it helps.

 

[Abdul Aziz R]

there is something happening:
http://www.ricksblog.com/2014/01/bulletin-godaddy-com-phishing-scam/

 

[12345]

I would highly recommend that everyone look into using a password utility like 1password. It is a little pricey, around $70 for mac and pc, but you just have one master password, and then it makes creating complex passwords for sites really easy. So no more notepad with all your usernames and passwords in it. It also syncs across multiple devices, so if you save a new username/password on your mac, you immediately have access to it on your pc.

 

[Acroplex]

Also, he has a Sedo account since 2006 where he is parking WKZ.com.

Actually, verified with Matt that this is his account at Sedo. The thief did not change the DNS of most of these to remain undetected.