chris
Top Contributor
An interesting case study of expired domains being used for malicious purposes:
You can read the article here:
https://blog.sucuri.net/2016/06/spam-via-expired-domains.html
There are some links to examples of WordPress plugins doing something similar. We had a case on vBulletin where one of the main third party modules being used was abandoned and the domain picked up. Usually not a problem, except that the addon had a newsfeed displayed in the admin dashboard. It was one of a few reasons to move to something that didn't need addons.
Now it’s getting clear that at some point the theme developers ceased their operations and didn’t renew the domain registration, which meant that websites using their theme couldn’t load the background images for the footer (this didn’t spoil the overall look of the pages though). Then, someone purchased the expired domain and parked it, which according to WHOIS information happened on May 21 2016 – just a week before the client asked us to find the source of the unwanted ads. When the background images began loading again, they were showing the ads.
You can read the article here:
https://blog.sucuri.net/2016/06/spam-via-expired-domains.html
There are some links to examples of WordPress plugins doing something similar. We had a case on vBulletin where one of the main third party modules being used was abandoned and the domain picked up. Usually not a problem, except that the addon had a newsfeed displayed in the admin dashboard. It was one of a few reasons to move to something that didn't need addons.