
How I (almost) lost my domain name and how Bitcoin saved my day – Xlinesoft Blog


Our website xlinesoft.com was down from May 24, 2019 to May 30, 2019.

First, I noticed that I was unable to log into our online support service. Then the website itself started showing ads that we never had before. We assumed our server had been hacked, but it turned out it was just pointing to a different IP address. The hacker downloaded a static copy of our website, added advertisements and tried to make money through AdSense.

I tried logging into the GoDaddy account and checking the DNS settings. The login did not work and the password reset email never arrived. Our GoDaddy account was hacked and the attackers changed the domain name ownership data. I was relieved, though: dealing with GoDaddy should be easier than dealing with a hacker, right?

The GoDaddy saga

During those six days, I spent a dozen hours on the phone with GoDaddy. Unfortunately, the only way to contact their fraud department is via the form on the website and it will take up to 72 hours for them to get back to you. So every time I submitted supporting documents, I called a regular helpline and asked them to contact someone from the fraud department and check the status of our case.

I received exactly two one-line responses from the fraud department in those six days and it was just a joke.

Here’s what we got back on day 2:

We see that you recently submitted a modification update request. We’re sorry, but this service can only make this change after verifying the consent of the registrant or account holder – and unfortunately, consent was not provided in this case. You are not the account holder or registrant as currently registered and no business records have been submitted for review.

So basically they are telling us that they contacted the hacker and the hacker did not agree to give back our domains. What a surprise! It is worth saying that all documents have been provided, such as a driving license scan, company registration and DBA (doing business as) registration of Xlinesoft.com.

After hours on the phone with customer support and resubmitting all the same documents, we received a second response on day 5:

Thank you for your email. Unfortunately, we are unable to provide information about your account without proper validation.

How we got it back

At some point we realized that GoDaddy wouldn’t help us in any way. We were working with the attorney to send a formal complaint to GoDaddy, ICANN, and potentially law enforcement. On the fifth day, something unexpected: the hacker contacted us.

“I have your domains,” he said, “I can give them back to you for $1,000.” I knew right away it was him, it came from the email address specified in the WHOIS database as the new owner. After a few emails back and forth, we decided to try it. And of course, he wanted the money sent to his Bitcoin address. Luckily, we had a friend who had some Bitcoins ready and it was the first time I used crypto for anything useful.

The conversation with the hacker was quite amusing:

Please send money first, otherwise I sold this domain to the darkweb. there are many hackers on the darkweb, he can buy this domain at a good price. and Godaddy can’t do anything. I am an ethical hacker and I am Muslim. I promise you that when you send me money within 1 minutes, I will transfer your domain to your account. Trust me!

We sent the first half and got back the first domain and access to our account. After sending the rest, we also got the second domain back. The hacker knew what he was doing. Right after he accessed our account, he transferred the domains to another account at GoDaddy. Even if GoDaddy had done its job and restored access to our account, it would have been empty and another investigation would have had to be launched to find these domains.

Anyway, he did what he promised and transferred the domains to our account. Unfortunately, dealing with the hacker was more pleasant than dealing with GoDaddy. Maybe because he was an ethical hacker.

And just to give you an idea of how common this type of crime is, we checked all incoming transactions to his Bitcoin address. He has earned about $50,000 since the start of the year. Not bad for someone living in rural Pakistan.

Lessons learned

So it was nothing other than my own stupidity that led to this snafu. It’s easy to forget basic security rules when you only use a website maybe once a year. Still, it’s a terrible excuse. Don’t let this happen to you.

Just a quick reminder of what needs to be done.

– Use two-factor authentication wherever you have something important.
– Do not reuse passwords. Our account was hacked because the same password was used on another website whose passwords were stolen.
– Do not log in using an email address from the same domain. If something happens to your domain, you will not be able to access your email and will not be able to restore your password.
– Don’t use GoDaddy. If things go wrong, you’re essentially on your own.
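
The two symptoms in this incident (the site resolving to a different IP address and the WHOIS ownership data changing) and the third lesson above can be checked mechanically. The following Python is an added example, not code from the original post; the snapshot format, the `audit` function and every domain and address in it are constructed, and it assumes you fill the snapshots from your own DNS and WHOIS lookups.

```python
# Added example: every domain, address and snapshot value here is constructed.

def norm(name):
    """Lower-case a DNS name or e-mail address and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")

def email_depends_on(email, domain):
    """True if mail for `email` is delivered under `domain` or a subdomain of it."""
    host = norm(email).rsplit("@", 1)[-1]
    domain = norm(domain)
    return host == domain or host.endswith("." + domain)

def audit(baseline, observed, login_email):
    """Compare a trusted snapshot of a domain with the current one.
    Returns a list of (severity, message) findings."""
    findings = []
    domain = norm(baseline["domain"])
    # Lesson 3: a registrar login at the managed domain stops receiving
    # password-reset mail as soon as someone else controls that domain's DNS.
    if email_depends_on(login_email, domain):
        findings.append(("warn", f"registrar login {login_email} depends on {domain}"))
    # The website pointing at a different IP address.
    old_a, new_a = set(baseline["a"]), set(observed["a"])
    if old_a != new_a:
        findings.append(("alert", f"A records changed: {sorted(old_a)} -> {sorted(new_a)}"))
    # Delegation moved to other name servers.
    old_ns = {norm(n) for n in baseline["ns"]}
    new_ns = {norm(n) for n in observed["ns"]}
    if old_ns != new_ns:
        findings.append(("alert", f"NS records changed: {sorted(old_ns)} -> {sorted(new_ns)}"))
    # Ownership data changed in WHOIS.
    old_r, new_r = norm(baseline["registrant_email"]), norm(observed["registrant_email"])
    if old_r != new_r:
        findings.append(("alert", f"registrant email changed: {old_r} -> {new_r}"))
    return findings

# Constructed snapshots: BASELINE is the known-good state, OBSERVED the current one.
BASELINE = {"domain": "example.com", "a": ["192.0.2.10"],
            "ns": ["ns1.example.net", "ns2.example.net"],
            "registrant_email": "owner@example.net"}
OBSERVED = {"domain": "example.com", "a": ["203.0.113.50"],
            "ns": ["NS1.Example.net.", "ns2.example.net"],
            "registrant_email": "someone-else@example.org"}

if __name__ == "__main__":
    for severity, message in audit(BASELINE, OBSERVED, "admin@example.com"):
        print(severity.upper(), message)
```
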


