This affects anyone who has purchased a domains from Netfleet/Netregistry which said domain was previously with Ziphosting (potentially other registrars).
Long story short.
Previous owner of domain I own (via Netfleet auctions) still has FULL domain management access. This includes hijacking DNS, Registrant/Technical contact details.
What this means
-Previous owners of domain can delegate the nameservers and point your domain to another website
-Worse, they can change registrant details/contacts which could potentially lead to a transfer of domain to another party via Change of Registrant process.
Ziphosting support was notified on 21st of July and to date (two business days later) they have yet to respond to what I feel is a pretty serious breach. Disappointing as I can only imagine this affects quite a few other people who are likely to be unaware that such situation exist.
Long story short.
Previous owner of domain I own (via Netfleet auctions) still has FULL domain management access. This includes hijacking DNS, Registrant/Technical contact details.
What this means
-Previous owners of domain can delegate the nameservers and point your domain to another website
-Worse, they can change registrant details/contacts which could potentially lead to a transfer of domain to another party via Change of Registrant process.
Ziphosting support was notified on 21st of July and to date (two business days later) they have yet to respond to what I feel is a pretty serious breach. Disappointing as I can only imagine this affects quite a few other people who are likely to be unaware that such situation exist.
Attachments
-
ziphosting_domainhack.png
