This post will discuss how domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking.
Domain hijacking is a process by which Internet Domain Names are stolen from their legitimate owners. Domain hijacking is also known as domain theft. In order to learn how to hijack domain names, we must first understand how domain names operate and how they become associated with a particular web server (website).
How a domain name is integrated with a web server:
Any website consists of two parts: the domain name (for example, gohacking.com) and the web hosting server where the files of the website are actually hosted. The domain name and the web hosting server (web server) are two different parts, and hence they must be integrated before a website can operate successfully. The integration of a domain name with the web hosting server is done as follows.
1. After registering a new domain name, we get a control panel that gives us full control of the domain.
2. From this control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding, let me take up a small example.
John registers a new domain “abc.com” with domain registration company X. He also purchases a hosting plan from hosting company Y. He uploads all of his files (.html, .php, JavaScript, etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.
What happens when a domain is hijacked?
Let’s see what happens when a domain name is hijacked. To hijack a domain name you need to get access to the control panel and point the domain name to a different web server. To hijack a domain you do not need to gain access to the target web server.
For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point at a different web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case, John’s domain name (abc.com) is said to be hijacked.
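Because a hijack of this kind shows up as the domain resolving to a server other than Y, an owner can detect it by comparing lookups against a known-good baseline. The following is an added example, not code from the original post; the domain, the documentation-range IP addresses and all function names are constructed for illustration.

```python
import socket
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    when: str             # timestamp of the check
    addresses: frozenset  # IPs the domain resolved to at that time


def resolve_now(domain, when):
    """Live lookup (needs network); returns an Observation for `domain`."""
    _, _, ips = socket.gethostbyname_ex(domain)
    return Observation(when, frozenset(ips))


def find_repointing(expected, history):
    """Return one finding per observation that resolves outside the baseline.

    expected: IPs of the legitimate web server (Y in the article).
    history:  Observations in chronological order.
    """
    findings = []
    for obs in history:
        unexpected = obs.addresses - expected
        if unexpected:
            findings.append({
                "when": obs.when,
                "unexpected": sorted(unexpected),
                "missing": sorted(expected - obs.addresses),
                # No legitimate address left: the domain is fully re-pointed.
                "fully_repointed": not (obs.addresses & expected),
            })
    return findings


# Constructed sample data: 192.0.2.10 plays John's server Y,
# 203.0.113.66 plays the unknown server Z.
EXPECTED_Y = frozenset({"192.0.2.10"})
HISTORY = [
    Observation("2024-01-01T00:00Z", frozenset({"192.0.2.10"})),
    Observation("2024-01-01T01:00Z", frozenset({"192.0.2.10"})),
    Observation("2024-01-01T02:00Z", frozenset({"203.0.113.66"})),
]

if __name__ == "__main__":
    for finding in find_repointing(EXPECTED_Y, HISTORY):
        print(finding)
```

In practice `resolve_now` would be run on a schedule from a host outside the owner's own network, and any finding would trigger an immediate check of the registrar control panel.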
How to hijack a domain name?
To hijack a domain name, you need to gain access to the control panel of the target domain. For this you need the following:
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
You can get this information by accessing the WHOIS data of the target domain. Go to whois.domaintools.com, enter the target domain name, and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll find the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record: “Registration Service Provided By: XYZ Company.” Here XYZ Company is the domain registrar. If you don’t find this, scroll up and you’ll see ICANN Registrar under the “Registry Data.” In this case, the ICANN registrar is the actual domain registrar.
The administrative email address associated with the domain is the backdoor to hack the domain name. It is the key to unlock the domain control panel. You need to hack this email account and take full control of it. Email hacking has been discussed in my previous post “HOW TO HACK EMAIL ACCOUNTS.”
Once you take full control of this email account, visit the domain registrar’s website and click “Forgot password” on the login page. You will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once you do this, all the details to reset the password will be sent to the administrative email address. Since you already have access to this email account, you can easily reset the password of the domain control panel. After resetting the password, log in to the control panel with your new password, and from there you can hijack the domain within minutes.
How to protect the domain name from being hijacked?
The best way to protect the domain name is to protect the administrative email account associated with the domain. If you lose this email account, you lose your domain. So refer to my previous post on how to “PROTECT YOUR EMAIL ACCOUNT FROM BEING HACKED.” Another way to protect your domain is to get private domain registration. When you register a domain name using the private registration option, all your personal details, such as your name, address, phone, and administrative email address, are hidden from the public. When a hacker performs a WHOIS lookup for your domain name, he will not be able to find your name, phone number, or administrative email address. Private registration provides extra security. It costs extra, but the advantages are worth it. Every domain registrar provides a private registration option.
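To confirm that private registration is actually hiding your details, you can check the public WHOIS record of your own domain for your real contact values. The following is an added example, not code from the original post; both WHOIS records, the field names in them and the contact details are constructed for illustration.

```python
def parse_whois(text):
    """Parse 'Field: value' lines into a list of (field, value) pairs."""
    pairs = []
    for line in text.splitlines():
        field, sep, value = line.partition(":")
        if sep and field.strip() and value.strip():
            pairs.append((field.strip(), value.strip()))
    return pairs


def exposed_contacts(whois_text, private_values):
    """Map each WHOIS field to the owner detail it reveals.

    private_values: the owner's real contact details, keyed by a label.
    Matching is case-insensitive because WHOIS output varies in case.
    """
    leaks = {}
    for field, value in parse_whois(whois_text):
        for label, secret in private_values.items():
            if secret.lower() in value.lower():
                leaks[field] = label
    return leaks


# Constructed sample: the owner's real details (known only to the owner).
JOHN = {"name": "John Doe", "phone": "+1.5550100",
        "admin email": "john@mail.example"}

# Constructed WHOIS output without private registration.
PUBLIC_RECORD = """\
Domain Name: ABC.EXAMPLE
Registrar: X Domain Registration Company
Admin Name: John Doe
Admin Phone: +1.5550100
Admin Email: John@Mail.Example
"""

# Constructed WHOIS output with private registration enabled.
PRIVATE_RECORD = """\
Domain Name: ABC.EXAMPLE
Registrar: X Domain Registration Company
Admin Name: Privacy Service
Admin Phone: +1.5550199
Admin Email: proxy-1234@privacy.example
"""

if __name__ == "__main__":
    print("public :", exposed_contacts(PUBLIC_RECORD, JOHN))
    print("private:", exposed_contacts(PRIVATE_RECORD, JOHN))
```

An empty result means none of the supplied details appear in the record; any field listed in the result is still visible to anyone performing a WHOIS lookup.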