
Expired Domain - A Target for Hackers

Recently, Jack Bush, editor of the technical portal GroovyPost.com, talked about how a hacker seized his personal data using his Google account and expired domain.

One day he discovered that his old email address had been hacked and was being used for mass spamming. This became clear when a Gmail notification arrived at his new address saying that a message from his old address could not be delivered. It contained the text of the message, which was spam, and the sender's IP address belonged to another person who lives in Vietnam.

The most annoying thing was that the email settings contained a username and contact information, including a phone number. Some of this information was also included in the signature, so Jack Bush's personal data was sent to thousands of other users.
Google services turned out to be a weak point - in particular, Google Apps For Domains (now called Google Apps for Business).


Google Apps for Domains differs from other Google services in that its account is linked to a domain name, which may be registered not with Google but with another company. In 2010, Bush registered the name Anthrocopy.com, but once he no longer needed it, he did not renew the registration. On June 20 of this year, the registration expired, and the domain was bought by another user. It would seem to be the most ordinary situation. But the new owner of the domain went further.

The new owner took over Bush's Google Apps for Domains account through the access recovery form. To prove that you are the owner of the domain, it is not necessary to recover the password. It is enough to create a CNAME record in the domain name system, and Google gives you all the rights to access its services, including email.


According to Google's tech support, it is impossible to restore access in such cases, because the user no longer owns the domain. The only thing they were able to recommend was to contact the law enforcement authorities.

The conclusion that Jack Bush drew from this story is that Google Apps for Domains is an insecure service. He also advises paying closer attention to security and, where necessary, deleting all your old and unneeded domains and accounts in online services and social networks, especially if they contain personal data.
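The advice above can be turned into a routine check. The following is an added example, not part of the original article: it audits a domain inventory for names that have lapsed, or are about to lapse, while hosted accounts that can be re-verified through DNS are still bound to them. The inventory format, field names, severity levels, 30-day threshold and all sample data are assumptions constructed for illustration.

```python
from datetime import date

# Constructed inventory: each domain, its registration expiry, and the hosted
# accounts whose ownership can be re-proved by whoever controls the domain's DNS.
INVENTORY = [
    {"domain": "old-blog.example", "expires": date(2024, 6, 20),
     "auto_renew": False, "bound_services": ["hosted email", "hosted docs"]},
    {"domain": "shop.example", "expires": date(2024, 7, 10),
     "auto_renew": False, "bound_services": ["hosted email"]},
    {"domain": "main.example", "expires": date(2024, 7, 5),
     "auto_renew": True, "bound_services": ["hosted email"]},
    {"domain": "parked.example", "expires": date(2024, 6, 25),
     "auto_renew": False, "bound_services": []},
]

# Severity levels (assumed): 0 = exposed, 1 = act now, 2 = ok, 3 = droppable.
def audit(inventory, today, warn_days=30):
    """Return (severity, domain, message) tuples, most urgent first."""
    findings = []
    for entry in inventory:
        name, services = entry["domain"], entry["bound_services"]
        days_left = (entry["expires"] - today).days
        if not services:
            # Nothing can be recovered through DNS, so the name may lapse.
            findings.append((3, name, "no bound accounts; safe to let lapse"))
        elif days_left < 0:
            # The failure mode from the article: a new registrant can pass
            # DNS-based ownership verification for these accounts.
            findings.append((0, name, f"expired {-days_left} days ago with "
                             f"accounts still bound: {', '.join(services)}"))
        elif days_left <= warn_days and not entry["auto_renew"]:
            findings.append((1, name, f"expires in {days_left} days; renew, or "
                             f"delete first: {', '.join(services)}"))
        else:
            findings.append((2, name, "registration current"))
    return sorted(findings)

if __name__ == "__main__":
    for severity, name, message in audit(INVENTORY, date(2024, 6, 30)):
        print(severity, name, message)
```
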

Source: https://habr.com/ru/post/228557/

