GoFuckYourself.com - Adult Webmaster Forum - View Single Post

WarChild · 07-17-2006, 10:05 AM

From what I understand, the "hack" begins with hotmail. If you have a hotmail account listed as your domain admin contact, be very careful.

Somehow, this guy is able to hack hotmail accounts. He then requests directnic to send the password and username to email through the lost password service. Kind of crazy it will send both username AND password from the email, but it does.

After retrieving the username and password for directnic from the hotmail account, he can log in and unlock the domains. Transfer is initiated and accepted because he has the email account still. Voila, domain hijacked.

07-17-2006, 10:05 AM
WarChild Let slip the dogs of war. Industry Role: Join Date: Jan 2003 Location: Bermuda Posts: 17,263	From what I understand, the "hack" begins with hotmail. If you have a hotmail account listed as your domain admin contact, be very careful. Somehow, this guy is able to hack hotmail accounts. He then requests directnic to send the password and username to email through the lost password service. Kind of crazy it will send both username AND password from the email, but it does. After retrieving the username and password for directnic from the hotmail account, he can log in and unlock the domains. Transfer is initiated and accepted because he has the email account still. Voila, domain hijacked. __________________ .