Results 1 to 36 of 36
  1. #1
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45

    * Domains/Account stolen at godaddy

    Some time before christmas (around the 12th of Dec according to godaddy support), someone accessed my account at godaddy and changed the password and email and then moved all my domains to another account. So now I'm sitting here seeing my 5 or 6 domains registered to some chinese guy!?!

    Someone who have experienced the same who could tell me what should I do now? I've contacted the godaddy support and they are investigating my claim, but I'm not sure they can or want to do anything about it.

  2. #2
    Join Date
    Jul 2006
    Posts
    333
    How do you think they accessed your account?

  3. #3
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    I suspect they got a hold of my password in some way, a server that I'm working with was attacked by hackers some time ago.

  4. #4
    Join Date
    Jul 2006
    Posts
    333
    Has Godaddy offered to help you or did hey just say you are going to have to file a udrp to get the names back?

  5. #5
    Join Date
    Jul 2001
    Location
    .INdiana
    Posts
    2,451
    what did godaddy say when you reported the theft?

  6. #6
    Join Date
    Aug 2004
    Location
    Olmstedville, NY
    Posts
    439
    Quote Originally Posted by Svenneman
    I suspect they got a hold of my password in some way, a server that I'm working with was attacked by hackers some time ago.
    Do you keep usernames and passwords stored on servers?

    I was told never to store them on a server and always treat every log-in at if from a public access computer. Plus, daily run security software on business/home computer.

    I personally have them written down in hard copy for all my clients.
    If more that one login no two usernames and passwords the same.


    I had a BIG problem years ago with Cedant when they were purchased by APlus. All my accounts were hacked from within Aplus by Eastern European hackers. Lost everything and had to start over. Needless to say it was witha different company.

    So perhaps your account was compromised from within your server company.
    The Best To You!
    Ireland - Networking the Irish / Celtic Community
    www.CapitalCeltic.com

  7. #7
    Join Date
    Jun 2005
    Posts
    5,866
    Imho, GoDaddy are one of the better registrars in sorting these problems out. Especially if the domains are still at GoDaddy. Be serious, insistant, and polite. Keep the pressure on them or they might not consider it seriously.
    Signature Under Construction.

  8. #8
    Join Date
    Jul 2006
    Posts
    333
    I would suspect a keylogger or trojan was the culprit

  9. #9
    Quote Originally Posted by stu2
    Imho, GoDaddy are one of the better registrars in sorting these problems out. Especially if the domains are still at GoDaddy. Be serious, insistant, and polite. Keep the pressure on them or they might not consider it seriously.
    It's so nice to hear some good in this industry.

  10. #10
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    Unfortunately, we will not be able to assist you with your request as you are not the current registrant of the domain. As the registrar we can only make this type of change after verifying the consent of the registrant. At this point you will need to contact the owner via one of the methods listed on the Whois record of the domain.

    If you find that the Whois information provided at https://www.godaddy.com/gdshop/whois...dy&isc=gdbb708 is invalid, such as containing a phone number that has been disconnected or an email address that bounces, please send us a detailed email to [email protected] and we will attempt to contact the owner and request that the information be updated.

    If the registrant is unresponsive or unwilling to assist you in this matter the only suggestion that we can offer you would be to initiate a domain ownership dispute through an arbitration forum such as WIPO (http://www.wipo.int) or settle the matter via the local court system.
    this is the message I've received twice from them, in addition to an email that they are investigating my claim

  11. #11
    Join Date
    Jun 2005
    Posts
    5,866
    Yeah. They have to cover their !@#. This is the standard response from all registrars. I hope you are speaking to them on the phone.
    Signature Under Construction.

  12. #12
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    Hello,


    When you created your account, you agreed to the Universal Terms of Service for Go Daddy Software and Services. The Terms specified that it is your responsibility to protect your account's confidential information. The relevant section is set forth below for your convenience. The Terms can also be found at https://www.godaddy.com/gdshop/agree...?se=%2B&ci=291.





    4. ACCOUNT SECURITY.

    You agree You are entirely responsible for maintaining the confidentiality of Your password and account information. You agree You are entirely responsible for any and all activities that occur under Your account. You agree to notify Go Daddy immediately of any unauthorized use of Your account or any other breach of security. You agree Go Daddy will not be liable for any loss that You may incur as a result of someone else using Your password or account, either with or without Your knowledge. You further agree You could be held liable for losses incurred by Go Daddy or another party due to someone else using Your account or password. For security purposes, You should keep account access information in a secure location and take precautions to prevent others from gaining access to Your user name and password. You agree that You will be responsible for all activity in Your account, whether initiated by You, or by others on Your behalf, or by any other means. Go Daddy specifically disclaims liability for any activity in Your account, whether authorized by You or not.





    If the account contains domains of which you are listed as the registrant in the WHOIS directory and you would like these domains moved into a new account, please visit the following link to request a change of account:



    https://www.godaddy.com/gdshop/chang...rog_id=GoDaddy





    Kind Regards,


    ~~~~~~~~~~~~~~~~~~
    Domain Services
    fax: 480.624.2547
    you got to love this, basically it doesnt seem that an account that has been hijacked can be restored, they are even claiming that my domains were never in an account belonging to me, however that is because the name on my account was changed along with the email and password. this is pissing me off

  13. #13
    Join Date
    Jun 2005
    Posts
    5,866
    What? You don't even have access to your account? Sounds like you are talking at too low a level. Ask to escalate the issue by talking to a supervisor. I'm sure they can at least restore your account to you even if there are no domains left in it.
    Signature Under Construction.

  14. #14
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    will try that, I'm just pissed atm for their inability to do anything in the matter

  15. #15
    Join Date
    Jul 2002
    Posts
    955
    Quote Originally Posted by Svenneman
    you got to love this, basically it doesnt seem that an account that has been hijacked can be restored, they are even claiming that my domains were never in an account belonging to me, however that is because the name on my account was changed along with the email and password. this is pissing me off

    It's fairly easy to establish. Step one would be to establish who purchased the domains using the payment information that was used for the original purchase or renewals.

    Another method would be to ask for valid information from the new owner and call to confirm. Most hijackers will shy away and dissappear as soon as they are confronted for this information.

    There is also a useful Whois History tool than can be used.

    Still more are account details that can be looked at such as ip addresses, domain push history, password updates etc., etc.

    All it takes is a little effort on their part.
    Last edited by enetwork; 01-04-2007 at 06:07 AM.
    Richard Kirkendall
    NameCheap.com

  16. #16
    Join Date
    Jun 2005
    Posts
    5,866
    Richard is a registrar, Svenneman. He know what he's talking about in these matters. You need to get to talk to someone who is actually prepared to help you rather than giving you the canned responses you've posted here. Then ask them what evidence they need for them to a) restore the account to you, and b) restore the domains into your account. If they then tell you what evidence they require, you've got them out of defense mode and into proactive mode. Provide the evidence they require and you should be on the way to getting your domains back. You should push this up the chain of command immediately because it's already getting to be an old issue, and the longer you leave it unresolved, they more they are going to be reluctant to help. Get some urgency back into your request, asap. Get on the phone and don't get off it until you've got the answers you require. It's not guaranteed, because you obviously have been lax with your own security, and you just need to read the parts of their ToS you've posted to know that they consider it to be all your fault, and they don't HAVE to do anything to restore things to the status quo. The status quo, is as it is now, as far as they are concerned. Not what it was a month ago.
    Last edited by stub; 01-04-2007 at 07:10 AM.
    Signature Under Construction.

  17. #17
    Join Date
    Feb 2006
    Posts
    58
    I have an account with godaddy with about 40+ domains. My account was hacked. MOst domains was transferred to another account and 2-3 of them transferred to another registrar. But I got my domains back (include the ones got transferred to another registrar) after some email and paper works (name, domains, picture id). So send them more email and explain the situation. I'm sure they'll help you out.
    Last edited by hello_x; 01-04-2007 at 10:49 AM.

  18. #18
    Join Date
    Jan 2006
    Location
    Jersey
    Posts
    2,965
    Quote Originally Posted by Ireland
    Do you keep usernames and passwords stored on servers?

    I was told never to store them on a server and always treat every log-in at if from a public access computer. Plus, daily run security software on business/home computer.

    I personally have them written down in hard copy for all my clients.
    If more that one login no two usernames and passwords the same.


    I had a BIG problem years ago with Cedant when they were purchased by APlus. All my accounts were hacked from within Aplus by Eastern European hackers. Lost everything and had to start over. Needless to say it was witha different company.

    So perhaps your account was compromised from within your server company.
    I never write my passwords down exactly like they are, I write them in a complex binary algorithm where only I can decipher it.

    You can never be too secure
    Email: info ///at/// honelive.com

  19. #19
    I literally memorize my passwords: letters, numbers, characters, etc. Doing so helps
    to exercise my brain.

    Good luck to the OP. Persistence is really his/her best ally, along with a good lawyer.

  20. #20
    Join Date
    Jun 2005
    Posts
    5,866
    A lawyer is likely to take 1 look at the Godaddy's ToS and either a) Rub his hands with delight, or 2) Tell his client he hasn't a leg to stand on. He is also likely to ask how much the domains are worth and then tell his client, it isn't worth his time to bother
    Signature Under Construction.

  21. #21
    Join Date
    Jul 2002
    Location
    Kuwait
    Posts
    10,573
    can you give us an update what was Godaddy's action?
    Bashar Al-Abdulhadi - KuwaitNET Internet Services Serving customers since 1997
    Kuwait's First Webhosting and Domain Registration provider - an ICANN Accredited Registrar

    Twitter: Bashar Al-Abdulhadi

  22. #22
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    I don't know their action yet, I've been redirected to some other appartment which also wanted me to send in some paperwork to get this done, I'm waiting for their answer atm. I'll post an update when something new happens.

  23. #23
    Join Date
    Jun 2005
    Posts
    5,866
    Don't wait more than 24hrs. stay on top of it.
    Signature Under Construction.

  24. #24
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    Almost a week has passed since I last heard from them. I sent them a polite message yesterday asking to get an update on my claim, and if they needed something else from me to verify my claim.

    So waiting for a reply from them right now...

  25. #25
    Join Date
    Jun 2005
    Posts
    5,866
    I think you're going to lose the domain(s) because you are not hounding the hell out of Godaddy. If you're not taking it seriously (read urgently), then why should they? The longer the time passes, the more difficult it becomes to correct injustices. Time is a great healer in the hijacked domain business. They'll get to a point where they will say, "sorry, we can't help you anymore". Keeping the pressure on them helps to keep them focussed on the task at hand (recovering your stolen domains).
    Signature Under Construction.

  26. #26
    Wow!!! Remind me not to use them!

  27. #27
    Join Date
    Jun 2005
    Posts
    5,866
    My comments apply to each registrar equally. The OP lost his domains because of lax security. No registrar is going to fall over backwards to help in those circumstances. They all have to be cajoled.
    Signature Under Construction.

  28. #28
    Join Date
    Mar 2006
    Posts
    31
    THis is incredible. Thanks for this though, I have roughly 190 domains registered with them, I just changed my password

  29. #29
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    At last I got the domains back Took some time, but its a relief that I got back what is rightfully mine.

  30. #30
    Great to hear that. Could you, say, give a sequence of events and explain how it
    went so we can learn a thing or 2?

  31. #31
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    Okay here is what happened.

    All of this started on the 29th of december when I woke up to see all me websites pointing to a chineese site, and notices that the nameservers and whois data has been changed for all the domains. I'm also unable to login to my account at godaddy.
    I call godaddy support where they tell me that someone accessed my account and moved away all my domains to another account at the 12th of december. Apparently the email in my account was changed aswell so I didn't get any notices about any changes.
    They tell me to send an email to another appartment that should be able to help me.So I sent an email to the address they gave me.

    The next day I get a reply which says that I need to fill in a form and send it to them.
    I completed the form and sent it in. After this I got a new response that they were unable to assist me because I'm not the current owner of the domains. Huh?
    Well of course I'm not the owner since they were moved to a new account? That is why I'm mailing them. Basically that is what I mailed them as a response, but a bit more well formulated. To this I got a new response saying that the domains were never in my account. Ehm, wtf?

    I emailed back and told them that they must be wrong, I have had some of the domains since 2002... This time I got a response where they quoted their TOS, meaning that I alone was responsible for any actions made by my account.

    I sent another email further trying to explain the situation, and got a reply telling me that if they had a record of me being the owner of the domains, then another department could take care of it, but in this case they didn't.

    This is how it went back and forth for a week.

    Then finally they redirected me to another department who they thought might be able to assist me. I had to fill out some more paper work and scan and email it in. Then it took about a week to get the domains back, had some problems with 2 of the domains which previously were registered under a company which I'm unable to provide business identification for, but I told them to move on with the other domains. A day after I told them to move on and process the other domains, I got an email in which they confirmed my claim and setup a new account for me, which they transferred all the domains into.


    If support first had sent me to the correct department, then this would have been over in no-time. But now I had to go through the hassle of two different departments and lots of extra work. I'm glad I was able to get the domains back, but I would have appreciated if Godaddy would have been more straightforward and helpful. Now it seemed like they didn't really care if they lost a customer or not. If they actually would have read my complete emails and not just the first couple of lines they might have understood what was going on.

  32. #32
    Join Date
    Jun 2005
    Posts
    5,866
    I think you should be grateful to GoDaddy. Not dishing them like you seem to be doing. They got your domains back (as I predicted they would). They have basically a ToS in place denying all responsibility for any actions taken on your account. You were lax with security and you account was compromised. It's not their problem. Period. What you encountered was all the excuses they will give you, to enable them to do nothing. in accordance with their ToS. You have to scream load, hard, early, and repeatedly, if you want them (or any registrar) to take the actions they've done in obtaining proof from you that you did in fact own these domains, to justify removing these domains from the current owner of these domains, who by rights is the legitimate owner on record.

    What makes this slightly hilarious is the fact that if the perpetrator had any sense they would have transfered the domains away from GoDaddy, making your chances of successful recovery, considerably more difficult. Not a very smart thief, imho.
    Signature Under Construction.

  33. #33
    Join Date
    Aug 2001
    Location
    Sweden
    Posts
    45
    Well the domains are not of any big economical value, I'm pretty sure the theif just did it to mess things up for me. I do not think they had any intention to pay for renewals or transfers.

    Don't get me wrong I'm very grateful to Godaddy that they were able to help me. And yes it is my responsibility to keep my password safe and all, but what I would like to have seen from them is more commitment to the customer, a strive to help the customer instead of making it as hard as this to get them back. Like I wrote, everything would have gone alot smoother if I were directed to the right people from the beginning. I'm glad it is all settled now anyway.

    Thanks for everyones input on this. I sure have learned a thing or two out of this.

  34. #34
    Join Date
    Nov 2006
    Posts
    168
    Thats a happy ending to this story for sure. I would suggest that you take better steps to secure your login information, and also try to figure out the possible ways your account was compromised. I would suggest that you check out all possibilities, including as mentioned earlier the possibility of a backdoor trojan w/keylogger on your computer, update your anti-virus and scan to see if you are infected with malware. It is also a good idea to change your passwords frequently to help keep things secure. Glad to hear you got your domains back.

  35. #35
    Join Date
    Jun 2005
    Posts
    5,866
    Welcome to the world of domain registrars, Svenneman You should be grateful your domains were at GoDaddy. Many registrars would not have gone the extra mile to help you.
    Signature Under Construction.

  36. #36

    The same...

    Quote Originally Posted by hello_x
    I have an account with godaddy with about 40+ domains. My account was hacked. MOst domains was transferred to another account and 2-3 of them transferred to another registrar. But I got my domains back (include the ones got transferred to another registrar) after some email and paper works (name, domains, picture id). So send them more email and explain the situation. I'm sure they'll help you out.
    Hi, I'm experiencing the same thing, please can you contact me at bacarell<ATTTTTTTTTT>tiscali<DOTTT>it ? Thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •