Matt's Models Hijacked?
 

I received this email tonight:

Attention all affiliates.
MattsModels.com domain has been hijacked by a hacking criminal thru Network Solutions/Verisign . Please point all traffic to http://www.mattsmodels.net untill we resolve this with problem with Network Solutions/Verisign. Also..please DO NOT send email to [email protected] ...instead send email to me at [email protected].
Thanks for your patience and understanding. Any input would also be appreciated. - Matt

Mee too.

But what weird is if you go to the socalled new domain at www.mattsmodels.net then it just links back to mattsmodels.com when you hit the Enter button. Weird. Seems fishy to me.

G

Registrant:
Murathanogullarindan, Murat (MATTSMODELS-DOM)
Nuri Pamir Cad. No. 11/9
Kolej-ANKARA, TR 06280
TR
looks like they own the domain now

i would be on a flight to india right now to straighten out the little indian fuck who wanted to screw around

What is this? Is this true? Or is it just a joke or a way to get more traffic? :eek7

With domain stealing, a lot of the time it's Americans who use whois addresses in other countries so they can hide who they really are. We've dealt with a number of these type of cases.

Oh man that really sucks!

Does anyone know Matt? Does he ever post on GFY?

I would love to hear the story of what happened?

I sure hope it's not because he just forgot to renew his domain name.
That would really, really suck.

I wonder how they took over the domain. It looks like he was using a normal email address, though it was at the domain itself. Maybe someone got ahold of the nameservers somehow and redirected the mail so they could transfer the name? Anyone know anymore details on what specifically happened?

Network Solutions will probably tell him that it's not their problem and he'll have to get a lawyer to get this resolved.

Damn you see it more and more......

Andre

matt is cool as shit

if he wants to fuck the dude up who stole his shit, i have his back

You are more safe, in theory, if you are with a company who cares about their customers and tries to resolve fraud issues.

If Network Solutions knows that a name is stolen, they often won't do anything about it. Even if you can prove it to them, they won't give the name back to you. They tell you to sue the other guy who stole it. If you deal with another registrar, one who cares about your business, then they can take the name back from the thief once you prove it's stolen and give it back to you. They can then tell the thief to sue them or you if he has a problem with a stolen name being given back to the real owner.

If the name gets transferred out of your registrar by the thief before you can stop it, then you are really fucked. Once there are two registrars involved, you better get a lawyer and be patient if you ever want your name back.

That name is still at Network Solutions it looks like, so they could give it right back to him. I doubt they will. It did not expire, it shows a 1999 registration date.

better Turkey... Ankara is in Turkey...

What will you be doing in India?.......Last time I checked Ankara
is in Turkey! :1orglaugh :1orglaugh :1orglaugh

DynaMite

How do you know that it did not expire?

Damn you beat me to it LOL

DynaMite

I assume you are asking how you can tell that it didn't expire and get re-registered.

Two reasons:

1. There have been no normal domain drops for the last 20+ days, so no one could have re-registered it in the last few weeks even if it did expire.

2. When a name is re-registered, the registration date would be the date when the new owner registered it, within the last few days, not a date 4 years in the past.

Also, the expiration date is in September, which would make no sense.

Very interesting I did not know that, or maybe I did and just never put it together.

You learn something new everyday, thanks for the info.

I'll share the prize with you :)

The part about the drops stopping is a very rare occurrence. They changed the expiration policy on .net and .com names recently, and we are nearing the end of a 30 day period where almost zero domains in those TLD's were released. Pretty crazy month. Notice that I've been posting more on GFY. :)

hijack it back!

Isnt this the same thing that happened with Gary Kremen and sex.com? If so Matt can sue for a few million

"sex.com" was awarded damages for lost typein traffic, I doubt MattsModels.com would warrant the same:2 cents:

I just don't understand why in the email he sent out to affiliates about the hi-jack it says change your links to mattsmodels.net but then that is just a splashpage back to mattmodels.com???

Check the html source, that should answer ur question, he not of updated it to the new site

That sounds pretty much right, if whoever it was that "hijacked" this domain, it would seem they just went to the domain manager inside mydomain.com and changed the details to the current whois info.

Stats, dates and everything else is all over the place at Network Solutions over the last few days as they put the new (paid for) instant DNS manager service into place.

Though when I've transfered domains to other registars before they expire the original registration date has been kept in the record. So it could have been completely transfered to someone else...

Yeah that's right, but in this case, I simply think this "Murat" person who is the new registered contact for the domain, may have just taken over the username that Airwood Media owned with mydomain.com (a guess)

Because the details in the whois information have a date that isn't even close to today's date. Domains are usually in yearly blocks.

http://mail.kirmizi.com/login.cgi - is the login server for [email protected] who happens to be the registered contact for mattsmodels.com and I'm sure that is the same email attached to the account held with mydomain.com

Anyone have a knack at gaining access to such things?

Are my domains safe from these fuckers if im using directnic? if not im willing to transfer this is like the 5th domain ganking story i heard about this week.

Make sure you have HIGH SECURITY set in the customer settings area.:thumbsup

Transfer Security Settings Updated!
It may take up to 15 minutes for all changes to take effect.

Whew ;d

Also, isn't it a good idea, to have your WHOIS email, another email then you use to login to your registrar?

That way it makes no sense anymore to hack your email account you use in the whois....

Andre

It was probably easy to hijack mattsmodels, all you have to do to transfer a domain is print out a form on netsol.com, sign it and fax it in with the new contact info, netsol doesnt check their resources they just transfer it, thats why they suck ass. they dont even require you to fax in your ID to verify! They just trust a signature. I recommand godaddy and doster

Does Network Solutions have a simular function as Directnic to lock the domains from being transfered?

I bought a website from someone that was hosted on network solutions/verisign. We couldn't get the fuckers to switch the name over so I decided to redirect it to a new site. I went into their domain forwarding and typed in the site to forward to, paid $10, and pointed that domain to my site. Mind you I did all this without a username, password, or proof of ID. I could have pointed any domain on network solutions to my site in a few minutes.

FUCK VERISIGN

Paying for it with a credit card I assume? - that is a form of ID...

Do yourself a favor and transfer your names away from network solutions before someone else does it for you... network solutions is a lousy company and they are not secure as far as domains go.

Oh no another one! Makes me shiver just thinking about it! Hope I can get some support form the big guys around here if that happens! Bad luck :(

check out this article (kinda old from 2000) but seems to still apply:

http://www.securiteam.com/securityne...tep_guide.html

Matt is not only a nice guy he is an experienced webmaster his site was doing very well last time i talked to him . So if this is true its a real bad day for Matt.

I am going to phone him now and get the skinny thats if he is out of bed yet its only 9.20 here in CA



:BangBang:

First mistake: Network Solutions/Verisign.

I can't believe anyone still uses them.