When a certain genre of domains increases in value, cybercriminals target it.
With short domains – letters or numbers – becoming valuable for buyers in China, it’s not surprising that more domain thefts are reported daily.
The owner of a cache of domains at GoDaddy recently discovered that the following domain names were stolen from his account:
- 14491.com
- 120004.com
- 188841.com
- 288842.com
- 488846.com
- eybr.com
- ytwo.com
The owner stated:
“As I was bidding on some Godaddy domains I noticed that I was locked out of my account.
I called Godaddy and learned that someone accessed the account and transferred out the above domains.”
It comes as no surprise that these domains were moved to Chinese registrants, or to GoDaddy accounts controlled by Chinese cybercriminals.
Do not buy any of these domains, as they are currently stolen. We will update this post once they get reclaimed.
Update: One domain remains stolen, the rest have been recovered.
Update 3/11/2016: All domains have been recovered, including 14491.com.
I quite don’t understand what’s happening in this case. usually when there is a transfer request, both Godaddy and receiving registrar send an email to the owner of the domain so that he/she can deny the transfer. In many cases I have seen from domain theft reports, it seems that domain owners did not receive those emails from the registrars and noticed the theft by pure chance. If that’s the case, I guess the domain thieves stole the domains by not using the owner’s credentials and by not taking the usual transfer out procedure, circumventing a domain holder’s every effort to protect his/her credentials including 2fa . IMHO, ICANN should do something about the rampant domain theft. It is not a personal issue any more. It’s the domain industry issue.
Yes ive been recieving some doggy godaddy emails claiming my numeric domains were soon to expire (even though they arent)…..the key is to look at the address of the emails, and there are some discrepancies….one email address was ‘master@godaddy.com and go@gobabby.com.
…instantly send these to the trash, DO NOT attempt to login.
As previously requested ALL DOMAIN owners should be writing to Icann and asking what steps are being put into place to protect domain name owners who become victims of theft? As previously mentioned here, there needs to be a domain name holding pattern for names reported as stolen or in dispute. A few less fancy meals and one more employee to tackle this situation …… how about it ICann??
Another day another domain stolen from Godaddy.
And they still refuse to give us better protection:
– geo lock – if anyone longs in from outside if ….. (my country) – block my account for 72h and send me SMS to unblock
– 7 day waiting period after the domain changes accounts
– 2FA only for transfers / account changes – I don’t want it for every login (too annoying)
– backup codes for 2FA – I don’t want to be locked out of my account for days
– last but not least – triple check any domain that is transfered to ename.com (scam / theft friendly registrar)
I had my 4 letter domain stolen from GoDaddy last year, on a transfer out. Called both Registrars many times, and they blamed it on me, for not receiving the email. It was a 4 letter domain name. The time spent, and no one wants to take the time to retrieve it, or do anything, so ends up gone. Went to enon immediately. I had other domains, stolen from my GoDaddy account, in early years. Other people logging in, that was not me.
Update: One domain remains stolen, the rest have been recovered.