
How I hijacked the top-level domain of Congo, .cd

Labeled as news in ccTLD Discussion, started by DirkS, Jan 16, 2021

Replies:
13
Views:
674

  1. DirkS

    DirkS DutchPirates.com VIP

    Posts:
    6,495
    Likes Received:
    5,228
    Not the first issue with the Congolese ccTLD. Enjoy the read:

    How I hijacked the top-level domain of a sovereign state

    Note: This issue has been resolved and the .cd ccTLD no longer sends NS delegations to the compromised domain.

    TL;DR: Imagine what could happen if the country-code top-level domain (ccTLD) of a sovereign state fell into the wrong hands. Here’s how I (@Almroot) bought the domain name used in the NS delegations for the ccTLD of the Democratic Republic of Congo (.cd) and temporarily took over 50% of all DNS traffic for the TLD that could have been exploited for MITM or other abuse.

    https://labs.detectify.com/2021/01/15/how-i-hijacked-the-top-level-domain-of-a-sovereign-state/

     
  2. tupungato

    tupungato Wizard VIP

    Posts:
    1,225
    Likes Received:
    962
    A rookie mistake by the TLD.
    It's 2021, and people still let important domains drop...
     
  3. HotKey

    HotKey Made in Canada VIP

    Posts:
    3,046
    Likes Received:
    7,592
    Crazy. There are some smart dudes out there. Sentries of countries and their Internets. Never really thought about it before, but nameservers have to be valid domains as well.

    I imagine this kind of negligence might be in part due to the name being overlooked for renewal because of its non-appeal. Someone in billing was like, "why would we own this? Eh, not important".

    Interestingly, the nameservers they moved to were the same name but in the .net TLD, and reg'd in 2019.

    A way around never forgetting to renew is having a custom nameserver using the same domain name I suppose. Having multiple nameservers in a couple of different TLDs adds a layer of redundancy too.
     
  4. CraigD

    CraigD Top Contributor VIP

    Posts:
    3,213
    Likes Received:
    6,724
    It's also never a good idea to list your nameserver domain for a BIN price on a sales platform.

    If it sells, you could instantly lose hosting for domains and all your email accounts.
     
  5. Jv1999

    Jv1999 Wander Aimlessly: Redeemed Knight of the Exo-Tower VIP

    Posts:
    3,036
    Likes Received:
    3,002
    But I mean... who would do this?

    If you're using the domain for something that important, why would you even have it listed for sale?
     
  6. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,764
    Likes Received:
    3,496
    In the real world mistakes happen all the time.
     
  7. CraigD

    CraigD Top Contributor VIP

    Posts:
    3,213
    Likes Received:
    6,724
    The same person who forgot to renew their nameserver domain?

    You never know... it's worth stating the obvious sometimes ;)
     
  8. Save Breach

    Save Breach Established Member

    Posts:
    693
    Likes Received:
    1,077
    What people are ignoring is that he wasn't ethical enough to report the expiring name server and instead exploited it by registering it. I know possibly he wasn't aware but being a co-founder of a company which deals in cybersecurity, he should have been aware of the SOP of how vulnerabilities are discovered and reported. Very careless act.

    If he was supposed to be acting in good faith, why not alert the authorities (IANA) first, as it could be a major incident if someone was able to drop-catch it before it was finally available for registration again?

    Cheers
     
    Last edited: Jan 17, 2021
  9. domaineed

    domaineed Established Member

    Posts:
    663
    Likes Received:
    409
    "In the end, the Congolese government didn’t bother asking for the domain back. It spun up an entirely new but similarly named domain — scpt-network.net — to replace the one now in Almroth’s possession.

    We reached out to the Congolese authorities for comment but did not hear back."

    https://techcrunch.com/2021/01/15/congo-comandeered/
     
  10. Jv1999

    Jv1999 Wander Aimlessly: Redeemed Knight of the Exo-Tower VIP

    Posts:
    3,036
    Likes Received:
    3,002

    Lol, I glossed over that, but now I realize he could've sent what may have been perceived to be an outbound sales email lol
     
  11. Ariff BD

    Ariff BD Restricted (15-30%)

    Posts:
    1,253
    Likes Received:
    439
    Like my comment,

    if you read all of it but didn't understand anything, because we don't know what these are & why!!!!
     
  12. HotKey

    HotKey Made in Canada VIP

    Posts:
    3,046
    Likes Received:
    7,592
    cloudflare.com = domain + using for their own ns + used for millions others ns = We Shall Not Let This Expire or Bad Things Might Happen
     
  13. DirkS

    DirkS DutchPirates.com VIP

    Posts:
    6,495
    Likes Received:
    5,228
    Yeah, it amazes me they create a single point of failure for every single user. Why they don't use at least one additional TLD, preferably not Verisign-operated, for their DNS is beyond me.

    Always a good thing, like you mentioned earlier in this thread.
     
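The redundancy argument made in this thread (nameservers spread over more than one registrable domain and more than one TLD, so a single lapsed or sold registration cannot take a zone down) can be checked mechanically. The following is an added example, not code from the thread, from Detectify or from any registry: a small offline audit that takes the NS hostnames a parent zone delegates to and flags when every out-of-zone nameserver hangs off one registration or one TLD. The zone names and NS hosts below are constructed placeholders, and the registrable-domain heuristic (last two labels) is a simplification; production code should consult the Public Suffix List.

```python
"""Audit the diversity of a zone's NS delegation (added example, constructed data)."""
from collections import Counter
from dataclasses import dataclass, field

# Constructed sample delegations: hypothetical zones and nameserver hosts,
# not real registry data. Each entry maps a zone to the NS hosts its parent
# delegates to.
SAMPLE_DELEGATIONS = {
    # Every nameserver lives under one external registration in one TLD:
    # if that registration lapses or is sold, the whole zone goes with it.
    "single-vendor.example": [
        "ns1.vendor-dns.example",
        "ns2.vendor-dns.example",
    ],
    # One in-bailiwick server plus two external providers in different TLDs.
    "diverse.example": [
        "ns1.diverse.example",
        "ns-a.provider-one.example",
        "ns-b.provider-two.test",
    ],
}


def _labels(name: str) -> list:
    return name.rstrip(".").lower().split(".")


def registrable_domain(host: str) -> str:
    """Naive heuristic (assumption): the last two labels form the registration.
    Real code should use the Public Suffix List to handle e.g. co.uk."""
    return ".".join(_labels(host)[-2:])


def tld(host: str) -> str:
    return _labels(host)[-1]


def in_bailiwick(host: str, zone: str) -> bool:
    """True if the nameserver host is inside the zone being delegated."""
    h, z = ".".join(_labels(host)), ".".join(_labels(zone))
    return h == z or h.endswith("." + z)


@dataclass
class DelegationAudit:
    zone: str
    external_domains: Counter   # registrable domain -> number of NS hosts
    tlds: Counter               # TLD of external NS hosts -> count
    findings: list = field(default_factory=list)


def audit_delegation(zone: str, ns_hosts: list) -> DelegationAudit:
    """Flag single points of failure in the NS set of `zone`."""
    external = [h for h in ns_hosts if not in_bailiwick(h, zone)]
    domains = Counter(registrable_domain(h) for h in external)
    tlds = Counter(tld(h) for h in external)
    findings = []

    if len(ns_hosts) < 2:
        findings.append("fewer than two nameservers delegated")
    if external and len(domains) == 1:
        (dom,) = domains
        findings.append(
            f"all {len(external)} out-of-zone NS hosts depend on a single "
            f"registration: {dom} (lapse or transfer of that name hijacks the zone)"
        )
    if external and len(tlds) == 1:
        (only,) = tlds
        findings.append(f"all out-of-zone NS domains sit in one TLD: .{only}")
    if ns_hosts and not external:
        findings.append("no out-of-zone nameserver: availability rests on this "
                        "zone's own registration and glue alone")
    return DelegationAudit(zone, domains, tlds, findings)


def audit_all(delegations: dict) -> dict:
    """Run the audit over every zone; returns zone -> DelegationAudit."""
    return {z: audit_delegation(z, hosts) for z, hosts in delegations.items()}


if __name__ == "__main__":
    for zone, result in audit_all(SAMPLE_DELEGATIONS).items():
        print(f"{zone}: external registrations {dict(result.external_domains)}, "
              f"TLDs {dict(result.tlds)}")
        for f in result.findings or ["no single-point-of-failure finding"]:
            print(f"  - {f}")
```

Feeding it the real NS set of a zone is a matter of replacing the constructed dictionary with the output of a delegation query at the parent; the checks themselves need no network access.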
  14. The Durfer

    The Durfer Top Contributor VIP Gold Account

    Posts:
    9,108
    Likes Received:
    13,100
