What would you do if a criminal stole something very personal, and very valuable from you?
What if they were able to target your business and cripple your income?
You wouldn't be too happy now, would you?
What if you also discovered that this was happening because of a Google security infection that can affect every GMail user on the planet?
That's what has just happened to me, and here I'm going to tell you my story. I will detail everything I know about the web pirates who are threatening my livelihood, and tell you what you need to know in order to avoid the same thing happening to you.
On November 20th 2007 I left the UK to spend a month's holiday in India. I'd been planning this break for over a year, and was looking forward to taking my girlfriend away on our first foreign trip together. Prior to leaving, I published a blog post to let my readers know I'd be away for a while, and that my blog would be a quiet place in my absence.
All my clients were informed, bills paid, loose ends tied up, and off I went on a new adventure.
I arrived in Mumbai on November 21st, and on the journey from the airport to the Colaba district, was punched in the face by an Indian youth, but that?s another story.
During the month ahead, I knew I'd be irregularly checking my emails, but only to let my loved ones know everything was fine. This holiday was to be a break from work, and a break from computers.
Indeed everything was fine for a few weeks, until December 15th (five days before I was due to return from holiday). I called into an internet café in Goa, and read some worrying emails from good friends of mine. I was informed that my website had disappeared, and that my domain name (www.davidairey.com) was now redirecting to some random website - bebu.net.
I was confused, and anxious. How could this happen? I hadn't received any notification of my domain name expiry, and I never divulge any passwords to anyone. The only possible explanation for me was that somehow, the domain name had expired without me receiving any notice, and that some domain poacher had snapped it up before I got a chance to renew.
My website had been pulling in over 2,000 unique daily visits. Not a massive amount by any stretch of the imagination, but for a one-man operation, 700,000+ annual visitors can generate a nice amount of new logo design business.
So I ran a WHOIS check on davidairey.com, hoping to find an email address for the new owner. The search yielded this email address: [email protected] and here's the email I sent:
Hello,
Please can I purchase my old domain name from you. It seems it expired without my knowledge.
www.davidairey.com
Kind regards,
David
I found it hard to believe that I'd let my domain name expire, but thought it a good idea to send an email nonetheless.
On the very same day, I received a reply. It came from one supposed Peyam Irvani, telling me the following:
Hello,
Please send me your high offer !
Regards
By this stage, I'd already had some back and forth email discussions with close friends, wondering what exactly could have happened. I also contacted my web host company, ICDSoft, asking them to help. They were the ones who sold me the domain name after all. Shouldn't they have informed me?
This is when I found a disturbing support ticket, posted in my web host support panel. It was supposedly from me, addressed to ICDSoft's support team, and was created on November 20th, the exact date of my departure from the UK. It read the following:
Subject: Davidairey.com Transfer
Hello,
I want to transfer davidairey.com to another registrar please unlock it and send me the EPP transfer code.
Kind regards,
David
Within just one minute (ICDSoft's support team are very fast) the following response had been supplied:
Hello,
We unlocked your domain name as requested. Here is its EPP code:
Domain name: davidairey.com
Auth/EPP key: 6835892AE0087D66
Best Regards,
Support
I immediately typed a reply to this ticket, asking for help, and wanting to know what I could do to resolve the situation. Here's what I was told by the support team:
Unfortunately, the domain name has been transferred successfully, and it cannot be reverted. The current registrar may be able to give you more information.
The original ticket message was sent from this IP address: 207.36.162.100
The person who posted it must have had access to your email, too, because transfers have to be approved by the administrative contact in order to be successful.
What? Not only did the hacker gain access to my web host control panel, but they also squirmed their way into my email account? This is when I began to get very worried. I kept a lot of personal emails behind my username and password, and this was a real invasion of privacy. For a few minutes I sat in the net café, my girlfriend beside me, and I didn't know what to think.
I sent an email to GoDaddy, where my domain had been illegally transferred to, and asked them to prevent any further transfers. I wanted the domain in one place whilst I investigated. Here's what GoDaddy said:
Unfortunately if a transfer request is made and completed we will not be able to prevent this unless we receive the notice from a court or arbitration forum. I apologize for any inconvenience this may cause.
Okay, so GoDaddy can't help until the matter is taken to court.
This whole process ran over a few days of my holiday, as GoDaddy took over 48 hours to respond. At this point, and on December 19th (four days after my first email to the web pirate, "Peyam"), I thought I'd send a reply, and here's what I said:
Hello Peyam,
Well, congrats on your hack. I'd love to know how you did it.
Before this moves through the courts, in order to settle the dispute, I don't suppose you'd be so kind to give me my domain back? It'd really save me a lot of hassle, but if that's what it takes, so be it.
I saw no point in being aggressive, wishing to keep them "on-side" as much as possible.
Again, that same day, I received a response:
Im sorry to say but its not possible to have it or it take about 1 month if you try hard to have it again and you lose your visitor ... hahaha
You can purchase it for 650 $ And we will use escrow sevices ;) that will done in less than 2 days !
Now my domain name was being held to ransom, and the hacker was taunting me. What I had spent more than a year building into a sound marketing plan had been severed at the knees.
I'm not the type of person who will hand any money over to a criminal, so I didn't reply, instead focusing on stopping this hacker from stealing any more of my property.
How was I being hacked?