Monday, November 3, 2008

The Real Truth Behind The MakeUseOf.com Domain Crack

UPDATE - Nov. 3rd 23.20 PM (GMT): The domain is back with us! ... What a day!.... Thank You guys! I think, more than anything else it was YOU who got it back. Your comments, your emails, your diggs, your tweets...

--------------------------------------------------------------

I've been seeing some crazy rumours flying around the web since last night (particularly on Twitter) about Make Use Of so this blog post is to put down the whole truth and put those stupid rumours to bed once and for all.

Yesterday, while monitoring Twitter, I began noticing a couple of people on my Twitter stream saying that the Make Use Of domain was "parked". For anyone not familiar with the terminology, this is basically when the whole site goes offline and the domain is basically redirected to some "static page" filled with paid links. It took a while for me to see the parked domain on my screen but eventually Make Use Of went offline for me and I immediately lost my appetite for dinner.

Needless to say, I immediately contacted Aibek (the editor-in-chief) and he started to find out what had happened. The problem was quickly traced to our GoDaddy account and we found out that it had been hacked by someone. The hacker had transferred ownership of the makeuseof.com domain from the GoDaddy account to another web registrar company called NameCheap (the reseller for ENOM). Looking at the emails now we can say that it took him less than an hour to do that. The WHOIS entry is here and you can see that it is an Ali Ferank in Dubai. That's our bad guy. We have absolutely no idea how he managed to gain access to the account but access it he did. We suspect he might have hacked into the Gmail account tied to GoDaddy but we are still not sure about it. But so far that's the only explanation.

[update: We can now confirm that the attacker in fact got the access details through Gmail and set up a forward filter to send incoming emails from GoDaddy to another Gmail account. Now the account had a strong password, approximately 15 characters long. How the hell did he manage to get in? Is it another Gmail Security Flaw? ... Aibek]
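An added example, not part of the original post: a check for the kind of forwarding filter described in the update above, run over a Gmail filter export. The sample export, the addresses in it, and the `audit_filters` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"atom": "http://www.w3.org/2005/Atom",
      "apps": "http://schemas.google.com/apps/2006"}

# Constructed sample in the layout of a Gmail filter export (mailFilters.xml).
SAMPLE_EXPORT = """<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <entry>
    <apps:property name='from' value='godaddy.com'/>
    <apps:property name='forwardTo' value='someone-else@example.net'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
  <entry>
    <apps:property name='from' value='newsletter@example.org'/>
    <apps:property name='label' value='News'/>
  </entry>
  <entry>
    <apps:property name='subject' value='invoice'/>
    <apps:property name='forwardTo' value='accounts@example.com'/>
  </entry>
</feed>"""

def audit_filters(export_xml, own_domains, sensitive_senders):
    """Return one finding per filter that forwards mail, ranked by risk."""
    findings = []
    # Only parse exports you produced yourself; use a hardened parser otherwise.
    root = ET.fromstring(export_xml)
    for entry in root.findall("atom:entry", NS):
        props = {p.get("name"): p.get("value", "")
                 for p in entry.findall("apps:property", NS)}
        target = props.get("forwardTo")
        if not target:
            continue  # filter does not forward anything
        domain = target.rsplit("@", 1)[-1].lower()
        external = domain not in own_domains
        criteria = " ".join(props.get(k, "")
                            for k in ("from", "subject", "hasTheWord")).lower()
        sensitive = any(s in criteria for s in sensitive_senders)
        # Archiving or trashing the original hides the mail from the owner.
        hides = "true" in (props.get("shouldArchive"), props.get("shouldTrash"))
        severity = ("high" if external and (sensitive or hides)
                    else "review" if external else "info")
        findings.append({"forward_to": target, "criteria": criteria.strip(),
                         "hides_original": hides, "severity": severity})
    return findings

if __name__ == "__main__":
    for f in audit_filters(SAMPLE_EXPORT, {"example.com"}, ["godaddy"]):
        print(f)
```

A filter that forwards registrar mail to an outside address and archives the original is the combination that lets a transfer notice go unseen.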

Now it turns out that in order to transfer the domain, Ferank (or someone helping him) called up GoDaddy and impersonated Aibek. At that point he already had access to our account (or at least had enough information to recover the username/pass for the account) and basically said "hi, I'm the owner of MakeUseOf.com, please transfer the domain". GoDaddy then complied.

Now what you have to ask yourself is this :

Why did GoDaddy go so fast? In fact in the transfer confirmation email that we received from GoDaddy it stated that we have 3 business days to cancel the transfer. However, when we logged into the account the domain was already moved, in less than an hour. Is it THAT EASY to snatch the domain from GoDaddy?

But worse was to come. Ferank emailed us and started to blackmail us!

Hi there,

I said it very simply and very easily !

2 K !

Deal or not ?!

You own the domain I get the money...

Regards

Now obviously we are not going to pay. We are not going to give into these kinds of people. We work hard for our money and we are not going to hand it over to criminals looking for a quick payday. If we have a spare $2000 available, we would much rather give it to our hard working writers who deserve it.

Aibek then contacts NameCheap and explains the situation. Obviously NameCheap isn't going to instantly hand back the domain to us before an investigation sorts out all the facts but to their credit, NameCheap does agree to lock / disable the domain for the moment so Ferank is unable to move the domain again. This gives the GoDaddy legal team time to investigate the whole incident and begin the procedure to recover the domain.

We are hoping to get back online today but it may take a little longer than that. But we will get back online, don't have any doubts about that. As I said to the staff today, we will not pay a single cent of the $2000, we will get our domain back and Make Use Of is going to come roaring back. We have worked so hard over the past couple of years and built up such a huge respected brand name on the web. We will not now see it come crashing down because of an opportunistic criminal.

In the meantime, if you can help in any way, if you know anyone at GoDaddy that can help us, if you have encountered this Ali Ferank yourself in the past, if you have been the victim of a domain theft yourself in the past and you can offer advice (we are contacting Mr David Airey already) or if you think you can offer any other kind of assistance then either contact myself at mark@betterthantherapy.net or Aibek at esengulov@gmail.com .

Oh and many thanks to the many messages of support we have received from people all over the web. It really means a lot!

Mark (on behalf of MakeUseOf team)

UPDATES (Aibek):

4.30 PM (GMT): Called GoDaddy and was basically told to wait until GoDaddy legal team reviews the documents that were sent to them about 20 hours ago. The support guy told me it may take another 24 hours. Plus he had no idea whether it's 24 hours until they just start reviewing our case or get the domain back. I am really disappointed in them here, it took them less than an hour to transfer the domain to another registrar. Who knows how long it will take now to get it back.

5.00 PM (GMT): As suggested by someone in the email I decided to send an email to GoDaddy PR department explaining the problem.

5.35 PM (GMT): Got email from GoDaddy legal. They are looking into it. Waiting for reply ....

6.05 PM (GMT): Got another email from GoDaddy:

Thank you for your reply.

We have contacted Enom on your behalf regarding MAKEUSEOF.COM and have requested an FOA (Form of Authorization) for the transfer. If their records also show the same registrant at the time of transfer, we will work with them to see if they can transfer the name back.

We will keep you posted on the progress.

9.00 PM (GMT): Talked to Domain Disputes Dept. at GoDaddy. They told me that they're now basically waiting for ENOM to reply. If ENOM clears the domain, it should be either returned to the account on GoDaddy or set up under new account on ENOM.

9.20 PM (GMT): Sent an email to ENOM Legal and PR department hoping to quicken things up.

22. .... PM (GMT): Got a call from GoDaddy Domain Disputes dept. The domain should be back with us shortly.

23.20 PM (GMT): The domain is back with us! ... What a day!.... Thank You guys! I think, more than anything else it was YOU who got it back. Your comments, your emails, your diggs, your tweets...
