- Impact
- 21,788
Hijacking .uk domains with eNom
Advisory: https://m.pr/enom-advisory-20170901.html
Vulnerability & description
Update: eNom have disabled inter-account .uk transfers as of 2017-09-02, which mitigates this issue. Inter-account .uk transfers are no longer vulnerable, as they are no longer possible without manual assistance from eNom. The details below are for reference only.
eNom allows zero-confirmation .uk domain transfers between reseller accounts. This bypasses all account security and usual domain transfer authorisation. Combined with instant IPS tag changes at Nominet, the .uk regional registrar, .uk domains can be hijacked within minutes and placed into a state where only a manual access restoration procedure with Nominet can recover the domains.
This vulnerability is accessible to and impacts anyone with an eNom account or anyone with an account with an eNom reseller which provides automated domain transfers.
The vulnerability is within eNom's .uk transfer system and impacts .uk domains only. It does not impact second level .??.uk domains such as .co.uk and .org.uk.
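For owners of .uk domains, the externally visible step in the sequence described above is the IPS tag change, so one detection is to compare each domain's tag in WHOIS against a recorded baseline. The following is an added example, not part of the original advisory; the domain names, tags and WHOIS text are constructed samples, the record layout is assumed to follow Nominet's WHOIS output, and `sample`, `parse_whois` and `check_tags` are hypothetical helper names.

```python
import re

def sample(domain, registrar, updated):
    """Build a constructed record in the layout assumed for Nominet WHOIS output."""
    return (f"    Domain name:\n        {domain}\n\n"
            f"    Registrar:\n        {registrar}\n\n"
            f"    Relevant dates:\n        Last updated:  {updated}\n")

# Constructed sample data (not real records): one unchanged domain,
# one whose tag has moved, and one lookup that returned no record.
SAMPLE_WHOIS = {
    "example-one.uk": sample("example-one.uk", "Registrar A [Tag = EXAMPLE-A]", "01-Aug-2017"),
    "example-two.uk": sample("example-two.uk", "Registrar B [Tag = EXAMPLE-B]", "02-Sep-2017"),
    "example-three.uk": "constructed failed lookup\n",
}

# Tags recorded when the domains were known to be under the owner's control.
BASELINE = {"example-one.uk": "EXAMPLE-A", "example-two.uk": "EXAMPLE-A",
            "example-three.uk": "EXAMPLE-A"}

# The tag sits in square brackets on the line after the "Registrar:" label.
TAG_RE = re.compile(r"Registrar:[ \t]*\n[^\n]*\[Tag\s*=\s*([^\]\s]+)\s*\]")
UPDATED_RE = re.compile(r"Last updated:\s*(\S+)")

def parse_whois(text):
    """Return (ips_tag, last_updated); either is None when absent."""
    tag = TAG_RE.search(text)
    updated = UPDATED_RE.search(text)
    return (tag.group(1).upper() if tag else None,
            updated.group(1) if updated else None)

def check_tags(baseline, responses):
    """Compare each baseline domain's tag with its WHOIS response."""
    alerts = []
    for domain, expected in sorted(baseline.items()):
        tag, updated = parse_whois(responses.get(domain, ""))
        if tag is None:
            # A missing tag is reported, never treated as "unchanged".
            alerts.append((domain, "no IPS tag found in WHOIS response"))
        elif tag != expected.upper():
            alerts.append((domain, f"IPS tag is {tag}, expected {expected} "
                                   f"(last updated {updated})"))
    return alerts

if __name__ == "__main__":
    for domain, reason in check_tags(BASELINE, SAMPLE_WHOIS):
        print(f"ALERT {domain}: {reason}")
```

A transfer between accounts at the same registrar leaves the IPS tag unchanged, so this check only sees the subsequent tag change and does not replace monitoring inside the registrar account itself.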