[ISN] ISP suffers apparent domain hijacking

From: InfoSec News (isn@private)
Date: Sun Jan 16 2005 - 22:23:53 PST


http://news.com.com/ISP+suffers+apparent+domain+hijacking/2100-1025_3-5538227.html

[I'll be willing to bet Panix's domain was hijacked largely in part to
the new ICANN Policy on Transfer of Registrations between Registrars.
( http://www.icann.org/transfers/policy-12jul04.htm ) I have heard 
about a number of high profile domain hijackings this weekend.  - WK]


By Steven Musil 
Staff Writer, CNET News.com
January 16, 2005

A New York Internet service provider said Sunday it was working to 
recover its domain name and e-mail services after suffering an 
apparent hijacking. 

A Panix.com representative said ownership of the domain had been moved 
sometime Friday evening to a company in Australia, the domain name 
server (DNS) records had been moved to the United Kingdom, and that 
the company's mail had been redirected to a company in Canada. 

"We are pulling our hair out here," said the representative, who spoke 
on condition of anonymity. 

The company warned that most customers will either have no access to 
the Panix.com domain or will arrive at a false site. E-mail to the 
domain is being directed to the false site and "should be considered 
lost or compromised," the ISP said in its posting. 

It is unclear how the domain could have been transferred without the 
consent of the owner, and the representative expressed frustration 
with the domain registrars. 

"The registrars have not been as cooperative as common sense would 
dictate," the representative said. 

As a temporary workaround, the company suggested using the Panix.net 
domain in place of the Panix.com domain. The company said that it was 
working around the clock to recover the domain, but warned that may 
not happen until Monday due to time zone differences. 

In September, German police said a teenager had admitted to hijacking 
the domain of the eBay Germany Web site. The domain hijack attack 
happened at the end of August when visitors to the eBay.de site were 
redirected to a different DNS, meaning that they could not access 
auctions. 

Panix, which was founded in 1989, provides Internet access and e-mail 
services to New York City, Long Island, Westchester, Rockland County 
and New Jersey. 



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Mon Jan 17 2005 - 05:58:48 PST