Web Hijackers Pilfer Internet Domain Names
Friday, June 2, 2000 By Ian Karleff
TORONTO � Cyberspace hijackers have stolen the Internet domain name Web.net, a hosting site for 700 charities, from its Canadian owners, exposing yet another of the Internet's security flaws and jeopardising the Web's most valuable property � your e-identity.
"This looks like international domain name laundering. I think we're going to start seeing more of this," said Ken Campbell, president of K.K. Campbell Internet Consulting in Toronto, and the first to discover Web.net's predicament.
Earlier this week, hijackers forged, or in Web language "spoofed," Web.net's e-mail account, explained Campbell.
The hijackers also made crucial changes to the database of Network Solutions, where Internet addresses are registered, and changed the official owner of Web.net to Billy Tandoko of Jakarta, Indonesia.
The hijackers then moved Web.net's registry to a micro-registrar in Toronto and changed the legal owner to Paul Vernon, allegedly of Hong Kong, and rerouted all traffic to reserveme.com.
Web.net is still not in control of its Web site, although as of Wednesday reserveme.com began redirecting mail and Web site inquiries back to Web.net's servers, said Tonya Hancherow of Web Networks, the legal owner of Web.net.
The same hijackers made similar changes to the ownership of Bali.com, and Campbell has since uncovered one more case of Web site hijacking, but does not think the third case is linked.
Hancherow said she can't believe such a breach of security is as easy as spoofing an e-mail account.
"No password was provided and Network Solutions processed the change without consent," said Hancherow.
The hijackers motives are still a mystery.
"I think I'm witnessing an Internet version of international money laundering, whereby someone is scooping up domain names worth $100,000 each, moves them around so the paper trail is lost, and ends up with substantial assets," said Campbell.
Hancherow first thought the hijacker was going to try to extort money from Web Networks, but their non-profit status could complicate such a demand.
"The other two options: Is he trying to steal it so he can resell it, or is he just trying to play games to make our lives a bit more difficult?" said Hancherow.
Brian O'Shaughnessy, a spokesman for Network Solutions, told Reuters this type of hijacking has happened at least a dozen times in the past year and Web Networks is a victim of the excessive volume his company is experiencing from people registering domain names.
"A new dot-com is added every 5 seconds. Domain names are a valuable piece of property and that's what people are looking for: a valuable identity on the Internet," said O'Shaughnessy.
"The rightful owner still has the domain. An unlawful act has been committed using a hole in the system," he added.
With the introduction of competition to the domain name registry field in June 1999, a complex layer has been added to the system, making hijacking easier, said O'Shaughnessy.
Nevertheless, Campbell believes those businesses that have suffered substantial losses due to hijacking may want to take Network Solutions to court.
Campbell warned that there was no longer a central administrator guarding the Internet's security, as there was before 1993, when the Clinton administration transformed the Internet from academic tool to commercial medium.
"They took away those kind of feudal lords and brought in the naked system that is not very secure," said Campbell. "The Internet was based on a co-operative environment, not a fiercely competitive capitalistic environment, and that's why these problems perennially show up."
http://www.foxnews.com/vtech/060200/hijack.sml
-- Martin Thompson (mthom1927@aol.com), June 03, 2000