report Hackers Stole My Website…And I Pulled Off A $30,000 Sting Operation To Get It Back

[Loko]

Not my story but I found it interesting enough to share it.

For several days not so long ago, RamshackleGlam.com — the domain name that I have owned and operated since March of 2010 — did not belong to me, but rather to a man who goes by the name “bahbouh” on an auction website called Flippa, and who was attempting to sell off the site to the highest bidder (with a “Buy It Now” price of $30,000.00). He promised the winner my traffic, my files, and my data, and suggested that I was available “for hire” to continue writing posts (alternatively, he was willing to provide the winner with “high-quality articles” and “SEO advice” to maintain the site’s traffic post-sale)...........

https://medium.freecodecamp.com/hac...0-sting-operation-to-get-it-back-143d43ee3742

 

[DNWon]

Great article! Thanks for sharing. I recommend two factor authentication for all accounts whenever available even though it may slow you down occasionally, it may have prevented this from happening?

 

[Hypersot]

Thanks for the post.. extremely helpful

So, in short,
to get a stolen domain back, one needs to:
-call FBI because registrar won't help (in this case godaddy -no surprise there-)
and
-pay a ransom.

This is a sad world indeed

 

[Paul Nicks]

Thanks for the post.. extremely helpful

So, in short,
to get a stolen domain back, one needs to:
-call FBI because registrar won't help (in this case godaddy -no surprise there-)
and
-pay a ransom.

This is a sad world indeed

hold on a sec, the domain was removed from her HostMonster account, not GoDaddy. The hacked login would have been through the original registrar and they would be the only ones able to prove that she once owned the domain and that it was moved to GoDaddy without her consent. If she called GoDaddy, all we could possibly say is that the original registrar would need to determine the hijacking validity and then contact us to get it back. We would have no way possible of validating her story if the domain wasn't with us initially.

I may seem a bit defensive here, but we've spent a lot of time and effort helping folks on this forum and others get their domains back while also pushing for 2FA to help proactively protect domain owners.

 

[Brand Consultants]

hold on a sec, the domain was removed from her HostMonster account, not GoDaddy. The hacked login would have been through the original registrar and they would be the only ones able to prove that she once owned the domain and that it was moved to GoDaddy without her consent. If she called GoDaddy, all we could possibly say is that the original registrar would need to determine the hijacking validity and then contact us to get it back. We would have no way possible of validating her story if the domain wasn't with us initially.

I may seem a bit defensive here, but we've spent a lot of time and effort helping folks on this forum and others get their domains back while also pushing for 2FA to help proactively protect domain owners.

I have to say that although GoDaddy don't always get it right the first time, they are normally very good at rectifying mistakes. I'll be moving all of my domains to GoDaddy in the near future.

 

[MapleDots]

I appreciate the fact that a godaddy representative monitors these posts. It gives me a good feeling that if an even ever occurred I would have someone to go to who could guide me.

The OP.... my heart goes out to you, nobody should have to go through that much crap to get back what is rightfully theirs. Disputed names like this should have a 48 hour lockdown by both registrars until the real owner can be figured out.

You would almost think there is room for a middle company that can make binding decisions between registrars. An arbitrator that can work on a 48 hour schedule to minimize any business losses for the real website owner.

 

[BrandingModel.com]

Good story, thanks

I love using GoDaddy and any problems I've had has been resolved very quickly.

 

[Paul Nicks]

I appreciate the fact that a godaddy representative monitors these posts. It gives me a good feeling that if an even ever occurred I would have someone to go to who could guide me.

The OP.... my heart goes out to you, nobody should have to go through that much crap to get back what is rightfully theirs. Disputed names like this should have a 48 hour lockdown by both registrars until the real owner can be figured out.

You would almost think there is room for a middle company that can make binding decisions between registrars. An arbitrator that can work on a 48 hour schedule to minimize any business losses for the real website owner.

most registrars do have a transfer lock in place, ours is 60 days, where the domain cannot be moved after it is xferred in. So, even if the hijacker would have sold the domain, they wouldn't have been able to move it until 60 days after the original xfer.

 

[wwwweb]

Understanding the escrow process, taking out the points of the domain being stolen, you can't stop a wire, the domain obviously moved, he would not accept the push, yet seller would have email receipt of push. Funds would be released to seller if buyer does not respond after 24 hours, and end of inspection period?

 

[cdboard]

the author said she did not have her money back yet.

I wonder how the escrow process worked in this case.

 

[frank-germany]

I'll be moving all of my domains to GoDaddy in the near future.

really???
wow

 

[ikhub]

Thanks for sharing this.