
A security researcher commandeered a country’s expired top-level domain to save it from hackers

In mid-October, a little-known but critically important domain name for one country’s internet space began to expire.
The domain — scpt-network.com — was one of two nameservers for the .cd country code top-level domain, assigned to the Democratic Republic of Congo. If it fell into the wrong hands, an attacker could redirect millions of unknowing internet users to rogue websites of their choosing.


Clearly, a domain of such importance wasn’t supposed to expire; someone in the Congolese government probably forgot to pay for its renewal. Luckily, expired domains don’t disappear immediately. Instead, the clock started on a grace period for its government owners to buy back the domain before it was sold to someone else.


By chance, Fredrik Almroth, a security researcher and co-founder of cybersecurity startup Detectify, was already looking at nameservers of country code top-level domains (or ccTLDs), the two-letter suffixes at the end of regional web addresses, like .fr for France or .uk for the United Kingdom. When he found this critical domain name was about to expire, Almroth began to monitor it, assuming someone in the Congolese government would pay to reclaim the domain.


But nobody ever did.


By the end of December, the clock was almost up and the domain was about to fall off the internet. Within minutes of the domain becoming available, Almroth quickly snapped it up to prevent anyone else from taking it over — because, as he told TechCrunch, “the implications are kind of huge.”


It’s rare but not unheard of for a top-level domain to expire.


In 2017, security researcher Matthew Bryant took over the nameservers of the .io top-level domain, assigned to the British Indian Ocean Territory. But malicious hackers have also shown interest in targeting top-level domains to hack into companies and governments that use the same country-based domain suffix.


