Domain hijacking or domain theft (a cybercrime) is the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems.
This can be devastating to the original domain name holder, not only financially, as they may have derived commercial income from a website hosted at the domain or conducted business through that domain's e-mail accounts, but also in terms of readership and/or audience for non-profit or artistic web addresses. Additionally, the hijacker can use the domain name to facilitate illegal activity such as phishing (where a website is replaced by an identical website that records private information such as log-in passwords), spam, or even the distribution of malware.
Domain hijacking can be done in several ways, generally by exploiting a vulnerability in the domain name registrar's system, through social engineering, or by gaining unauthorized access to the domain owner's email account that is associated with the domain name registration.
A frequent tactic used by domain hijackers is to use acquired personal information about the actual domain owner to impersonate them and persuade the domain registrar to modify the registration information and/or transfer the domain to another registrar, a form of identity theft. Once this has been done, the hijacker has full control of the domain and can use it or sell it to a third party.
Other methods include email vulnerabilities, vulnerabilities at the domain-registration level, keyloggers, and phishing sites.
Responses to discovered hijackings vary; sometimes the registration information can be returned to its original state by the current registrar, but this may be more difficult if the domain name was transferred to another registrar, particularly if that registrar resides in another country. If the stolen domain name has been transferred to another registrar, the losing registrar may invoke ICANN’s Registrar Transfer Dispute Resolution Policy to seek the return of the domain.
In some cases, the losing registrar for the domain name is not able to regain control over the domain, and the domain name owner may need to pursue legal action to obtain the court-ordered return of the domain.
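Because a change of registrar is harder to reverse than a change made in place, a registrant can compare periodic snapshots of the registration record and rank what changed. The following is an added example, not part of the original article: the snapshot fields, severity labels and sample records are constructed assumptions, and `clientTransferProhibited` is the standard EPP transfer-lock status, which the article itself does not mention.

```python
from dataclasses import dataclass

SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}

@dataclass(frozen=True)
class Snapshot:
    """One observation of a domain's registration record (field names are assumptions)."""
    registrar: str
    registrant_email: str
    nameservers: frozenset
    statuses: frozenset

def _norm(value):
    # Compare case-insensitively and ignore a trailing root dot on DNS names.
    return value.strip().rstrip(".").lower()

def diff_registration(old, new):
    """Return (severity, message) findings for changes between two snapshots."""
    findings = []
    if _norm(old.registrar) != _norm(new.registrar):
        # A transfer to another registrar is the hardest change to reverse.
        findings.append(("critical", f"registrar changed: {old.registrar} -> {new.registrar}"))
    if _norm(old.registrant_email) != _norm(new.registrant_email):
        findings.append(("high", "registrant contact e-mail changed"))
    old_ns = {_norm(n) for n in old.nameservers}
    new_ns = {_norm(n) for n in new.nameservers}
    if old_ns != new_ns:
        findings.append(("high", f"nameservers added {sorted(new_ns - old_ns)}, "
                                 f"removed {sorted(old_ns - new_ns)}"))
    lock = "clienttransferprohibited"  # EPP status that blocks registrar transfers
    if lock in map(_norm, old.statuses) and lock not in map(_norm, new.statuses):
        findings.append(("medium", "transfer lock removed"))
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])

# Constructed sample snapshots (not real registration data).
BASELINE = Snapshot("Example Registrar A", "hostmaster@example.com",
                    frozenset({"ns1.example.net", "ns2.example.net"}),
                    frozenset({"clientTransferProhibited"}))
SAME_RECORD = Snapshot("example registrar a", "Hostmaster@Example.com",
                       frozenset({"NS1.EXAMPLE.NET.", "ns2.example.net"}),
                       frozenset({"clientTransferProhibited"}))
SUSPECT = Snapshot("Example Registrar B", "owner@example.org",
                   frozenset({"ns1.example.org", "ns2.example.org"}), frozenset())

if __name__ == "__main__":
    for severity, message in diff_registration(BASELINE, SUSPECT):
        print(f"[{severity}] {message}")
```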