Dynadot

.FO registry hacked

Labeled as alert in Warnings and Alerts started by HotKey, Sep 28, 2018.

Replies:
13
Views:
831

  1. HotKey

    HotKey Made in Canada VIP

    Posts:
    1,679
    Likes Received:
    3,702
    If you are holding domains directly with the .fo registry, then surely you've received their email, otherwise the notice also appears on the site upon visit. Closed until October 1st, and accounts cannot be accessed.

    Yikes! "all users". We should all know by now, never use same security credentials to access accounts, because of stuff like this.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. TOP gTLD

    TOP gTLD Established Member

    Posts:
    89
    Likes Received:
    124
    That sounds so bad. You would think they should be able to know better, being in such a highly technological niche. Sorry for those who have accounts with them. Hopefully no bad consequences suffered by fellow-NP-peops.
     
  3. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    20,536
    Likes Received:
    20,813
    Are they saying they were storing passwords in plain text rather than in hashed form ? In 2018 ?
     
  4. Paul Buonopane

    Paul Buonopane CTO, NamePros CTO VIP

    Posts:
    1,202
    Likes Received:
    2,012
    Last edited: Sep 29, 2018
  5. dyn888

    dyn888 dnxe @ pm.me Blue Account

    Posts:
    669
    Likes Received:
    24
  6. HotKey

    HotKey Made in Canada VIP

    Posts:
    1,679
    Likes Received:
    3,702
    I don't know how much more details will be shared as per the hack, this registry keeps to itself and is relatively unknown in the domainosphere. Storing in plain text still occurs, amazingly. Didn't this happen with Twitter a short time ago?

    So far no indication domains have been lost, I know all of mine are intact anyways. It looks like the operator locked down the site immediately after the breach.
     
  7. HotKey

    HotKey Made in Canada VIP

    Posts:
    1,679
    Likes Received:
    3,702
    Rough..still not up. Posting has changed from "up and running Oct 1st", to
    Better take the time, fix it properly to ensure the breach doesn't occur again, rather than rushing to keep a deadline and fixing bugs on the fly. Could be the investigation holding it back too.
     
  8. linuxfree

    linuxfree Established Member

    Posts:
    24
    Likes Received:
    39
    OMG! a registry hacked :wideyed: terrible news
     
  9. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    20,536
    Likes Received:
    20,813
    It's not the first time a NIC is hacked.
     
  10. linuxfree

    linuxfree Established Member

    Posts:
    24
    Likes Received:
    39
    wish to know if the hacker is a white or black hacker. I mean if the hack was reported directly to the registar by the hacker or if the hacker stole the data from the nic without saying nothing to .FO Registry.
     
  11. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    20,536
    Likes Received:
    20,813
    Whoever did this is a blackhat hacker obviously. A white hat would report the vuln privately, and possibly follow up with responsible disclosure after the vuln is remediated.
     
  12. linuxfree

    linuxfree Established Member

    Posts:
    24
    Likes Received:
    39
    Hello Kate! That's why a unique password for each login should be used. A password shared between more than one login is not good.
     
  13. HotKey

    HotKey Made in Canada VIP

    Posts:
    1,679
    Likes Received:
    3,702
    The registry should reopen later today. 2 weeks+ downtime! Crazy.

    They are not divulging any more additional info other than confirming they are 100% certain no payment info was stolen.
     
  14. linuxfree

    linuxfree Established Member

    Posts:
    24
    Likes Received:
    39
    2 weeks of downtime :wideyed: I can't believe it too
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:

Share This Page

Lysted
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...