Security Hole in Control Panels of UK Registrars Led to Domain Hijacking

Nominet has found that around 300 domains were compromised last year

Last year, cybercriminals managed to steal around 300 domains by exploiting a vulnerability in the web hosting control panel of UK registrar 123-Reg. In addition to 123-Reg, it’s believed that four other registrars have been impacted.

The Register has learned that a security hole in 123-Reg’s web hosting control panel allowed anyone with an account to gain access to other accounts simply by modifying the URL from the browser’s address bar.

The bug exposed emails, name servers and even billing information. An attacker could have hijacked domains by changing the email address for .uk domain name registry Nominet and requesting a new password.

The domains that were hacked this way, totaling 300, were locked by Nominet. In addition, the registrar agreement with one company was terminated.

“To our knowledge, Nominet's own systems have not been compromised,” Nominet representatives have stated on the company's forum.

“The only recent security issue we are aware of regarding any of our registrars happened last summer- four registrars were victims of unauthorised transfers of around 300 domain names during the post expiry period. This matter is now in the hands of the police, so we’re not in a position to comment further.”

Updated to include the statement from Nominet.

Hot right now  ·  Latest news

1 Comment