In this post I will tell you how domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as domain hijacking. For most of you, the term “domain hijacking” may seem alien, so let me first tell you what domain hijacking is all about.
Domain hijacking is a process by which Internet domain names are stolen from their legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how domain names operate and how they get associated with a particular web server (website).
The operation of a domain name is as follows
Any website, say for example gohacking.com, consists of two parts: the domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts, and hence they must be integrated before a website can operate successfully. The integration of the domain name with the web hosting server is done as follows.
1. After registering a new domain name, we get a control panel from which we have full control of the domain.
2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding let me take up a small example.
John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, JavaScript etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.
What happens when a domain is hijacked
Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some web server other than the original one. So to hijack a domain you need not gain access to the target web server.
For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case John’s domain name (abc.com) is said to be hijacked.
How domain names are hijacked
To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients:
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
This information can be obtained by accessing the WHOIS data of the target domain. To access the WHOIS data, go to whois.domaintools.com, enter the target domain name and click on Lookup. Once the WHOIS data is loaded, scroll down and you’ll see the Whois Record. Under this you’ll get the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record: “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case you don’t find this, scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.
The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous post, How to hack an email account.
Once the hacker takes full control of this email account, he will visit the domain registrar’s website and click on forgot password on the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done, all the details to reset the password will be sent to the administrative email address. Since the hacker has access to this email account, he can easily reset the password of the domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.
How to protect the domain name from being hijacked
The best way to protect the domain name is to protect the administrative email account associated with the domain. If you lose this email account, you lose your domain. So refer to my previous post on How to protect your email account from being hacked.
Another good way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for your domain name, he will not be able to find your name, phone and administrative email address. So private registration provides extra security and protects your privacy. Private domain registration costs a bit extra but is really worth it for its advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.
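
The two checks a domain owner can run on his own domain, as an added example that is not part of the original post: is the real administrative email still published in WHOIS, and does the domain still point to the expected web server. The WHOIS text, email addresses, IP addresses and the names `audit`, `whois_emails`, `resolve` and `BASELINE` are assumptions made for illustration; real WHOIS field names vary by registrar.

```python
import re
import socket

# Constructed WHOIS text for the article's example domain; field names vary by registrar.
WHOIS_PUBLIC = """\
Domain Name: ABC.COM
Registration Service Provided By: X Domain Registration Company
Administrative Contact Email: john@mail.example
"""
# The same record after private registration: a proxy address replaces John's mailbox.
WHOIS_PRIVATE = WHOIS_PUBLIC.replace("john@mail.example", "abc.com@privacy-proxy.example")

# What the owner expects: his real admin mailbox and web server Y (documentation IP).
BASELINE = {"admin_email": "john@mail.example", "web_servers": {"192.0.2.10"}}


def whois_emails(text):
    """Return every email address published in the WHOIS text, lower-cased."""
    return {e.lower() for e in re.findall(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+", text)}


def resolve(domain):
    """Live lookup of the IPv4 addresses the domain currently points to."""
    return set(socket.gethostbyname_ex(domain)[2])


def audit(whois_text, addresses, baseline):
    """Compare published WHOIS data and current addresses with the owner's baseline."""
    findings = []
    if baseline["admin_email"].lower() in whois_emails(whois_text):
        findings.append("admin email is public in WHOIS: enable private registration")
    moved = set(addresses) - baseline["web_servers"]
    if moved:
        findings.append("domain points to unexpected server(s): " + ", ".join(sorted(moved)))
    return findings


if __name__ == "__main__":
    # Constructed inputs: public WHOIS, and the domain re-pointed to server Z.
    for finding in audit(WHOIS_PUBLIC, {"203.0.113.77"}, BASELINE):
        print("ALERT:", finding)
    # For a live check, pass resolve("your-domain.example") as the addresses.
```

Run on a schedule against your own domain, the second finding is the early signal that the domain has been re-pointed.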