MY Entire domain portfolio has been HIJACKED!

[ashaw]

My email accounts were hacked into... All personal information was taken... Bank account numbers, credit card numbers... including registers. All domain names have been pushed out of my accounts at 4 registers...All appropriate parties have already been contacted regarding personal security...

Please take a look at this list of domain names and contact me via PM if you see or hear of any of these names for sale.

Thanks in advance!


ASHTRAY.US
BABYFACTS.INFO
CAMCORDERREVIEW.INFO
CEAS.INFO
CERTIFIEDAPPRAISAL.INFO
CLASSICALRECORDS.INFO
CLEANED.US
CREDITED.US
ENHANCEIMAGES.COM
ESCROWFUND.INFO
ESCROWFUNDS.INFO
LESSER.INFO
MASTMP3.INFO
OPPS.US
RECORDABLE.US
REDEFINING.INFO
SITESCRIPTS.INFO
STRETCHES.US
STUFFY.US
TAAG.INFO
TRILL.INFO
UNDECIDED.INFO
VIRTUALHOMES.INFO
WIISPORTS.INFO
7-2-2.COM
A-U-U.COM
ABORD.NET
AIRTRANSPORTATION.US
B-L-Y.COM
BANKAACCOUNT.COM
BETAHOMETRIAL.COM
BUSINESSASSISTANCE.INFO
CORPORATEBANKINGACCOUNT.COM
CUCUMBERPEPSI.COM
DREWSWHOLESALE.COM
EXPIRYDATE.INFO
FREEVOIP.INFO
LOCHNESS.US
LOCHNESSMONSTER.US
LOOKUPGOOGLE.COM
MCNQ.COM
MERCHACCOUNT.COM
MYAACCOUNT.COM
OCCUPIABLE.COM
OLIVETDISCOURSE.COM
OPTICALCD.COM
PROSAC.INFO
QUICKCLICKQUOTE.COM
QUICKCLICKQUOTES.COM
RUMANDPEPSI.COM
S-X-X.COM
SAINTJUDES.INFO
SHAWSWHOLESALE.COM
SHRINKERS.INFO
THINKAVAILABLE.COM
THOMASRSHAW.COM
TOMSHAWJR.COM
VOLCANOLOGISTS.INFO
YOUDISCOVER.INFO
YOUTUBEACCOUNT.COM
YOUTUBECOMMUNITY.NET
ZEROTURN.INFO
the-other-side.net
catlyn.info
canadianrx.info
ipodcast.info
chokes.info
contactsport.info
depositories.info
eest.info
internationals.info
kapitalizm.info
acuteasthma.info
businessadviser.info
rapartists.info
rapartist.info
rubberduck.info
wirelessadapter.info
adoptioncenters.info
videogambling.info
wherry.info
foodfight.info
goldinvestors.info
typeins.info
Foretold.info
icelands.info

 

[Kenny]

ashaw,

Sorry to hear this.

I moved this to legal so it would get the proper attention it deserves.

The ones I checked are reg'd at Moniker... who have never lost a single name, much less an entire portfolio.

Perhaps you could help us out with some details of the hijack.

Peace,
Cyberian

 

[italiandragon]

I`m sorry....how did this happen to a pro like you?

 

[flashbanger]

VIRTUALHOMES.INFO is on SEDO for example.

Don't know if you did that.

 

[PowerUp]

I think it's time to beef up security. Registrars should implement a safety feature whereby an owner will request a PIN from the registrar. PIN is sent to owner's mobile phone. Owner must enter the PIN to effect the transfer of domain. PIN expires after 1 or 2 hours.

Sure the registrar will get charged for sending the PIN via sms, but they could pass on this cost to the owner.

 

[scooby47]

If you look up the whois a number of these are still in your name.

But there are two or three other names also across some these.

" Don Hamilton" is the main name that is appearing with an email addy of [email protected] Thre is a contact number but it may be bogus worth a call just to see. There is no saying that that name is correct either a google for his name + domain or domains brings nothing illuminating.

If you can provide any more info I am sure a number of us here may be able to help.

some of these names are with parking companies parked etc.. they must know who has put them in their account and if theft if evidenced ie) you have proof of ownership, sales invoice from registration or purchase etc , they may well have to supply the info to the correct authorities.

 

[labrocca]

I just did a whois lookup for all the domains.

You have some domains at Moniker and they are VERY picky about what domains are allowed out. I suggest you start with them for protecting your names. I am positive they don't want you to be the first guy to lose domains under them. Godaddy pretty much sucks and won't give a crap. I don't think the GD names are recoverable.

I will say that your portfolio doesn't appear to be that expensive. Are any of them sites or just parked domains? Was your overall revenue worth all the reg fees? If not then the thief might have done you a favor. I am just looking on the bright side. Sometimes I wish that a chunk of my crap domains would get stolen. The compulsion to renew them is overwhelming.

 

[Psych101]

It is very sad. Good luck with everything. We should start a donation pool for you. I will be the first to donate.

 

[ashaw]

Thanks for your help guys. I have been working on getting these back for the last few days. So far, I have managed to recover my entire Godaddy portfolio. All other domain names are said to be locked while they look into the situation.

The domain names that were Hijacked are obviously not premium names, but they are names that I have purchased with intention to hold onto for future value.

I will keep you all updated.

 

[Kenny]

Great News!!!!! :wave:

And for all the Bob haters...
well done GD!

Cy

 

[ashaw]

Yes, I was told by everyone to expect the complete opposit. I must say, between Godaddy, Moniker, and Domainsite... Godaddy has been the most responsive, helpful and efficiant. Godaddy was able to collect the needed information from me, complete there investigation and have the domain names back in my account within 3 days.

I have called Moniker and Domainsite dozens of times, and they have yet to move forward in the process going on five days now.

Some tips on dealing with godaddy: Dont threaten them, be calm. They make the final call as what happend in this situation wasnt their fault. Keep on them about updates, and most importantly... Be sure to mention the network(s) of 100,000 + people you associate with daily. I briefly explained to them that a majority of the people I work with are not happy with support they have with Godaddy. I explained to them that most people had doubts of me recieveing my godaddy names back. I ended that conversation letting them know that I would like nothing more then to prove all those people wrong.

Again, I will keep everyone updated. Thanks again for the support.

 

[ashaw]

All moniker domain names have been placed back in my account by Moniker. Though it took longer, and there was less communication... Moniker collected information they needed and got right down to it.

Just waiting on Domainsite now.

EDIT:

DomainSite domain names have all been moved back into my account.

All hijacked domain names have now been recovered!

 

[Damion]

Congratulations Andrew :tu:
Nice to see a happy ending for you!

 

[Krossat]

Thats great to hear Ashaw

Did you get the culprit yet tho? Any info on who could it be???
What about ur emails? could you get them back too???

Very happy and comforting to see these registrars went all the way to getting the domains back

 

[ashaw]

I am working with Google and Microsoft in getting the email accounts back. That doesnt look too promising. Still dont have my gmail account which is linked to my Adwords and Adsense account, but the domain names were my biggest concern.

I dont know who did it, and on an honest note... I dont think I ever will. Thanks for all the support guys/girls.

Andrew Shaw

 

[DomainBELL]

All moniker domain names have been placed back in my account by Moniker. Though it took longer, and there was less communication... Moniker collected information they needed and got right down to it.

Just waiting on Domainsite now.

EDIT:

DomainSite domain names have all been moved back into my account.

All hijacked domain names have now been recovered!

so glad that you are recovering your property...
when I first started reading this thread - I felt so heartsick for you...

so nice to see something so devastating turn out okay...



~DomainBELL (Patricia)

 

[bluetrendz]

Great to hear that

good that the companies were helpful to you in ur trouble...

 

[lpstong]

I am working with Google and Microsoft in getting the email accounts back. That doesnt look too promising. Still dont have my gmail account which is linked to my Adwords and Adsense account, but the domain names were my biggest concern.

I dont know who did it, and on an honest note... I dont think I ever will. Thanks for all the support guys/girls.

Andrew Shaw

Great and congrats on the recovery efforts. So a big Yeahhhhhh! But my questions is since your emails are hijacked. Did you get a new email and change the email in your domain registar accounts? I am sure this is a yes. But just curious.

I just hope nothing happens to much to your Google account and its connection to your adwords and adsense accounts. Google is unsympathetic to those who they ban on the adwords/adsese accounts regardless of whos to blame. Generally this is what I have seen and heard.

 

[scooby47]

well done you ! Ashaw

You really must have been bashing those phones and sending email after email to recify that one. I am glad it looks more on an even keel for you .. you must be pleased but stressed trying to sort this mess out :o

Again I am glad for you that .. the registrars have come good to sort this out!

Take care .. and Lock your PC/ LAPTOP

Family eh ? who needs em ?? lol that aside it is prudent to just lock everything off .. password protect and hard encrypt to be sure .. no guessables .. higher and low case and numerics too for your passwords.

Word of caution on the trying to be secure .. I am absolutely terrified that I croak it (die) and my boys do not have access to unlock these secrets ( circa 5000+ names) Its all well and good being secure but if those secrets pass to the grave and no one can unlock them .. they drop !!!! because - heck thats a mess .. so I am covered :hehe: this info : all user names passwords, registrars , expiry etc is lodged in my will .. so at least they can if they so wish !



anyways well done again .. glad for you its turned out OK

Scooby

 

[Kenny]

Now that this has been resolved I can start my rant.

But first, kudos to the Reg Houses for helping this member to straighten out this THEFT.

<rant>
It all boils down to our eMail Addys. I cannot stress enough the importance of using long and deep PW's and changing them often.

Everything revolves around, and the Reg Houses rely on the whois addy we supply. We start a push/transfer, they send us an eMail, "Have you authorized this....", and whoever controls the addy, controls the portfolio. Period.

I suspect in this case the members PW's were not very strong and that "social engineering" caused this breech of security. However, it also could have been a "nasty" lil RAT or logger installed. You have to allow the logger to install.
So strong AV and malware protection is also vital.

PROTECT your PW's by changing them often, and DEFEND your computer by installing top notch security measures and keeping them up to date.

A good example of what can happen to unprotected boxes is what just went down with NameDrive.
The ddos attack was a combined effort using a "Zombie" network to intensify the load.
Zombies are unsecured computers that have been compromised with Trojans without the owners knowledge and added to a network (sometimes in the the 1000's) of other boxes totally under the control of the hackers.

Unsecured is the KW here folks.
Unsecured boxes lead to compromised PW's.
Lose your addy PW, lose your domains.
</rant>

Peace,
Cy

EDIT: Scooby47 beat me to the punch by 2 minutes.. :wave:
Take it from a couple of "Old School" guys, you cant have too much protection.