[Owasp-singapore] Beware if your organisation domains are registered with register.com

Wong Onn Chee ocwong at usa.net
Thu Feb 25 22:27:29 EST 2010


Hmmm, a suitable script for the next sci-fi thriller?

Onn Chee

--- Extract ---

"The attack began on the afternoon of Jan. 11 when the hacker contacted
Register.com tech help via online chat and claimed to be from Baidu, the
complaint alleges. The attacker asked a support representative to change
Baidu's e-mail address on file. The representative then sent a
confirmation code to Baidu's e-mail account even though the hacker
answered a security question incorrectly, the complaint alleges.

The attacker could not access Baidu's e-mail account, so instead made up
a confirmation code and sent it to the support representative when
asked, the complaint alleges. Without comparing the two codes, the
support representative took the bogus answer to be correct and agreed to
the attacker's request to change Baidu's e-mail address on file to
"antiwahabi2008 at gmail.com", the complaint alleges.

"Incredibly," the complaint says, Register.com "thus changed the e-mail
address on file from one that was clearly a business address and
contained the name of the account owner, to an e-mail address that
conveyed a highly politically charged message ('antiwahabi'), with the
domain name ('gmail.com') of a competitor of Baidu, at the request of an
individual who not only could not produce the correct security
verification, but actually produced false information twice."
