The danger of abandoned domain names

You can think of everything, but few realize that giving up domain names can be dangerous for the future.

Indeed, cyber criminals do not lack imagination. They may take control of websites to use e-mails or other apartment information to clients or visitors, with the intention of initiating acts of cyber malice. For this, hackers sometimes spend a lot of time on this kind of activity, that is, abandoned domain recovery.

This article will also interest you: The issue of cybersecurity time

Abandoned website or simply a domain name is often a simple act which the author does not care about the consequences. Yet this is a boon for cybercrime. Especially in the development of mass piracy campaigns. And how does it work? It's totally simple, when a person abandons a domain name, cyber criminals have the opportunity to recover that domain name. When they do this, it becomes very easy to retrieve certain information that passes through that name, when it was affiliated with the website. This recovery is done under certain conditions so as to seem totally legal. The information generally collected consists of email addresses, and as is known is a kind of key to the realm of cybercrime.

Yet it is a problem that affects a lot of law firms and tech companies, those sectors where partnerships, mergers are created, formed and destroyed on a regular basis. And this is underlined by a cybersecurity expert named Gabor Szathmari. Whether it is a merger or acquisition, or merger acquisition, companies are often affected by changes in plans and operations that often go as far as the name change, which affects the name of the domain. Under these conditions, the old ones are always abandoned by companies until the expiration. Yet, as mentioned above, leaving an expired domain name is a danger."In the United States, 2017 was a record year for mergers of law firms," he said. "There have been 102 mergers or acquisitions between large law firms and probably several thousand between small firms." So we can clearly imagine the impact of all these changes, at the level of websites. To demonstrate how problematic this type of situation is, the cybersecurity researcher set out to re-register old domain names that had belonged to several of his law firms. Then he set up server dedicated to email. Without hacking, the security researcher claims to have received a large flow in addition to the confidential information that continued to arrive in his server. This information included bank data from invoices from other law firms, sensitive legal documents belonging to the client in the current affairs registry, and LinkedIn profile updates. After his little experience, he would have returned the domain names to the former owners.

Our computer security researcher stated that with this method it would be very easy to commit fraud, without it seeming to be. "By re-establishing an online store that used to run on a now-abandoned domain name, malicious actors could download the original web pages from archive.org, then take orders and make new payments by posing as a fully functional online store (…)If the old online store had a customer relationship management system (CRM) or a MailChimp, criminals could access the list of former customers by taking these accounts with an email-reset password. They could offer them a special discount code to encourage them to place orders that would never be delivered. And there is no limit to this kind of fraud." Explains Gabor Szathmari during his study.

Moreover, the operation of the system facilitates the cyber-malicious actors using this process. Indeed, it should be noted a list of available domain names is constantly published register. All that is needed is a cyber criminal to download this list on a day-to-day basis compared to the latest news event, concerning mergers and acquisitions, just to find out which direction to attack.

In addition, the cybersecurity researcher also meant that he was able to retrieve the names of abandoned domains by using online tools such as SpyCloud.com and HaveIBeenPwned.com. These are services that allow you to check domain names, but when you own the domain, it's easy to bypass security measures. We know that users tend to always reuse the same password, and we can use it with bad intentions easy things.

Now access an unlimited number of passwords:

Check out our hacking software