Thread: Hacker Dupes GoDaddy into Transferring Stolen Domain

An unscrupulous person managed to hack into a Gmail account, and then dupe GoDaddy into transferring a stolen domain to them. Scary stuff!

Once inside the Gmail account, the hacker accessed information about the domain MakeUseOf.com. He (or a friend) then contacted GoDaddy via phone, impersonated the real owner, and then arranged for the domain to be transferred to them via NameCheap.

Then the real owners were blackmailed. They received this email:

Hi there,
I said it very simply and very easily !
2 K !
Deal or not ?!
You own the domain I get the money?
Regards

Thankfully, the domain is now back with the owners (after GoDaddy and NameCheap investigated this matter). However, it sure raises a lot of questions about how secure our emails and domains are.

According to Make Use Of: The Real Truth Behind The MakeUseOf.com Domain Crack, the Gmail account had a "strong approximate 15 character long password."

I found out about this story via Hacker Steals MakeUseOf.com Domain, Blackmails Owner

More domains have been stolen: BREAKING: New Gmail Security Flaw. More Domains Get Stolen!

It looks like there may be a serious security flaw in Gmail.

According to GeekCondition.com, a hacker can set up a filter where all emails sent from, say, GoDaddy Support is automatically deleted and forwarded to the hacker's email address.

What you should do if you have a Gmail Account?

Check your filters and make sure that nothing seems out of the ordinary. If you?re using Firefox, you can download an extension called NoScript which helps to prevent you from becoming a victim of one of these attacks. Overall, though, be cautious.

UPDATE: Google has published a response to the recent reports that there may be a security flaw in Gmail.