Results 1 to 13 of 13
  1. #1
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255

    How to get back hijacked domains from my reseller account

    Sad story: my domain reseller account was compromised and the attacker was able to transfer some of my domains out to another registrar. I reacted almost immediately and asked the registrar to stop the transfers but the attacker was able to delay the response by blocking my access to the reseller account.

    Finally, I was able to prove that I am the rightful owner of the reseller account to the registrar but the damage was already done, 7 domains (including my hosting business domain, sigh) have been transferred away.

    How can I get the domains back? The attacker impersonated me to the registrar support staff so that is clearly fraud. Knowing that doesn't help my case much though. Do I have any recourse?

  2. #2
    Join Date
    Nov 2002
    Posts
    4,377
    Who is the registrar? Did you have a direct reseller account or a sub-reseller account?

  3. #3
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255
    OnlineNIC. It is a direct accout (not a subreseller).

  4. #4
    Join Date
    Dec 2007
    Location
    LocalHost
    Posts
    1,303
    Is your domain moved (within same registrar) or transferred (to different registrar).

    If its within OnlineNIC, you can get easily.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee
    LopHost.com - Web Hosting Tutorials

  5. #5
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255
    Transferred to another registrar, unfortunately.

  6. #6
    Join Date
    Feb 2012
    Location
    Memphis, TN
    Posts
    2,978
    Email the other registrar with proof of ownership, ask current one to contact them on your behalf as well. Get the ball rolling on recovery.

  7. #7
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255
    Already did contact the other registrar. They say they cannot do anything since the transfer from their side was legitimate. Since the attacker had access to the reseller account, they changed admin contact and confirmed the transfers themselves.

    OnlineNIC suggests I should go through UDRP but this is not a trademark dispute so I am not sure UDRP is even applicable.

  8. #8
    Join Date
    Jan 2003
    Location
    Canada
    Posts
    2,125
    Call. Speak to somebody. You will normally have to fax photo ID.
    █ █ █

  9. #9
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255
    I have provided a copy of my driver's license (which, somehow, ended in the attacker's hands!! I think they were given access to my support account as well). I have also sent my passport, credit card and one more document. I think I established my identity to OnlineNIC quite well.

    The "winning" registrar won't talk to me at all because the transfers look legit from their perspective.

    The steps above have proven (I think) my identity to OnlineNIC but since the transfers have completed I am not sure how to go about retrieving the domains back.

  10. #10
    Quote Originally Posted by rotoiti View Post
    I have provided a copy of my driver's license (which, somehow, ended in the attacker's hands!! I think they were given access to my support account as well). I have also sent my passport, credit card and one more document. I think I established my identity to OnlineNIC quite well.

    The "winning" registrar won't talk to me at all because the transfers look legit from their perspective.

    The steps above have proven (I think) my identity to OnlineNIC but since the transfers have completed I am not sure how to go about retrieving the domains back.
    Who is the Receiving/winning Registrar? Aren't registrars registered with some internet association ICANN or something? So I don't think they would just "turn the blind eye" and risk losing their license to be a registry. Clearly, fraud is taking place.

  11. #11
    Join Date
    Apr 2005
    Location
    silicon and earthquakes
    Posts
    255
    Name Silo is the receiving registrar.

  12. #12
    Best way go by legal way
    SixVM - Build your own VM you want!

  13. #13
    Join Date
    Aug 2010
    Posts
    430
    Quote Originally Posted by SixVM View Post
    Best way go by legal way
    Not necessarily. Legal fees will eat you up. You will probably get better results if you just offer some money.
    My Site : Chi Chi's Floral [Under Construction - Link Coming Soon!]

    Hosted by: Myhosting.com - 10 months and counting!

Similar Threads

  1. domainsbyproxy has hijacked my domains... need help
    By bl00513 in forum Domain Names
    Replies: 17
    Last Post: 08-02-2013, 05:52 PM
  2. Replies: 3
    Last Post: 06-06-2013, 11:26 PM
  3. my domains hijacked and enom not helping
    By fwz2000 in forum Domain Names
    Replies: 14
    Last Post: 10-28-2009, 01:10 PM
  4. Replies: 28
    Last Post: 05-06-2009, 06:27 PM
  5. Replies: 21
    Last Post: 09-07-2007, 04:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •