Welcome to WebmasterWorld Guest from

Forum Moderators: buckworks & webwork

Message Too Old, No Replies

Hijacked Domains

Hacker in Vietnam causing grief

10:10 pm on Apr 9, 2008 (gmt 0)

Full Member

10+ Year Member

joined:Dec 18, 2004
votes: 0

We had 9 of our domains hijacked last week. We have been able to retrieve all 9 of them through considerable red tape.

The hacker also stole our forum and uploaded it to one of his $1.00 domains. He has just mass emailed all our forum members asking for donations through Paypal. We contacted PayPal to try to stop this.

He has tried (and failed) to sell all of our domains on sitepoint.

Can anything else be done? This hacker/hijacker needs to be stopped.

Please make sure all of your passwords to your registrars and hosting companies are secure and unguessable.

Sticky me for more information


7:40 pm on Apr 26, 2008 (gmt 0)

Full Member

10+ Year Member

joined:Dec 18, 2004
votes: 0

Update: the hacker is now buying all the .info domains that match our .com domains and copied our content to them, added his adsense to them, and may try to sell these .info's on sitepoint.


7:50 pm on Apr 26, 2008 (gmt 0)

Junior Member

10+ Year Member

joined:July 28, 2007
posts: 125
votes: 0

Forgive my ignorance, but who are your domains registered with that allows this to happen, or how can it happen?
8:00 pm on Apr 26, 2008 (gmt 0)

Full Member

10+ Year Member

joined:Dec 18, 2004
votes: 0

He somehow found out our password for our registrar and proceeded to transfer our domains to other registrars.

Sorry I don't think I'm allowed to mention who the lax registrar was here.

[edited by: Sweet_Cognac at 8:02 pm (utc) on April 26, 2008]

12:04 pm on Apr 27, 2008 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 8, 2004
posts: 629
votes: 0

who the lax registrar was here

If the registrar did exactly as agreed upon, they weren't necessarily lax. Read
your agreement and you'll likely find it's your responsibility to ensure any and
all your account passwords are secure.

If user A accessed his account from Virginia in March, then accessed it while
on vacation in Vietnam in April, should he be blocked and required to call that
registrar for verification? While that can certainly help in preventing a possible
hijack, it can also inconvenience an nth number of users.

Probably a matter of which number is greater, I guess.

Anyway, just continue working with the registrar.


2:29 am on Apr 29, 2008 (gmt 0)

Moderator from AU 

WebmasterWorld Administrator anallawalla is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 3, 2003
votes: 14

Do the usual DMCA thing to keep his stolen pages from appearing in the US based search engines. Won't help you with non-US SEs.