How my domain name was stolen

Started by lovtzova, Aug 02, 2022, 02:57 AM


lovtzova (Topic starter)

I want to share some "good" news: if you have a domain with one "wonderful" registrar or its partners, then maybe it's not for long, in the sense that you won't have it for a long time.




Once I was sitting at work, and then a user of my site writes to my mail, saying something like: your website has not opened for a long time.

Indeed, I go there and write to the hosting provider; he says there is an error in the DNS. I go into the DNS records, but they are empty and cannot be edited. I look at the information on the domain - the domain is already with another registrar.

After the trial, it turned out that my registrar, without a single letter, transferred the domain to another person, and then sent it to another registrar. How did it happen? Someone forged my electronic signature and just wrote them a letter, and they gladly did it.

Having entered the public services, I really did find an electronic signature there, which I could not even physically have issued, being not only in another city, but even in another country.


Old registrar:

Hello!

Unfortunately, there is no news. Since the change of registrar was made after the change of the admin, the notification was sent, but to the new email that was indicated on the domain. In this situation we also cannot help in any way at the moment, since the domain name is no longer with us.

New registrar:

Hello!

Information about the events that took place with the domain name is only available to the registrar that supported it at the time of these events. That is, if something happened while the domain was with <Old Registrar>, only <Old Registrar> would know about it.

We have information about the domain only from the moment it was transferred to us - from February 24, 2022. We notified the current administrator (the person whose data was entered in the register at that time) about the change of registrar, checked the copies of his documents and received his consent to the transfer. Since the transfer, we have not identified any violations of the Registration Rules, so we have no reason to do anything with this domain name.

There are only two ways out of this situation:
1) Arrange with the current domain administrator to transfer the domain to you.
2) Get a court decision that will oblige us to transfer the domain to the person indicated by the court.

Since I'm in another country, I don't have too many options. I can only advise everyone not to register a domain with a registrar that can give away your domain without even notifying you by mail.

The loss is somewhere around $2K per month, the website has been transferred to another domain for now, but now it will have to be promoted on a new one.


How can you avoid having your domain name stolen? Here are a few options; if you have more, suggest them in the comments:

    The registrar must require 2FA to be enabled for transactions via digital signature.

    The registrar must send notifications to every contact it can (email, phone) for any operation with domains. This is not complete protection, but in my case it would have helped.

    A pause after changing the name of the domain owner, with the possibility of transferring the domain only after a while.

    If a domain name costs a lot of money, maybe it's worth calling the person, like a bank does, to ask whether he really wants to transfer the domain.

Thanks for your attention.

alexfernando

You should definitely sue. This can be done remotely.
You need to report the fraud to the police.
You need to ask the CA for details of whom they issued your digital signature to.

From my experience, I will say that there are a lot of partners of eminent CAs who are ready to make an EDS based on a scan of the documents and send it to the customer by mail in a regular archive, although the procedure requires the personal presence of the person to whom the EDS is issued, and issuance on a physical token.