• Home
  • Categories
    • Domain Sales
    • Services
    • Domain Registrars
    • Domain Parking
    • Expired Domains
    • We Get It
    • Policy & Law
    • Uncategorized
    • Podcasts
  • About
  • Advertise
  • Disclosures
    • Facebook
    • Google+
    • RSS
    • Twitter
    • YouTube

Domain Name Wire | Domain Name News & Website Stuff

Domain Name Industry News and Website Stuff

Featured Domains

Newtek domain theft has major impact on customers

by Andrew Allemann — February 12, 2018 Policy & Law 4 Comments

Customers have to make quick switch to avoid security risk and potential outages.

I frequently write about domain name theft. Usually, the only loss in the theft is the domain name. But it can be much worse.

Three domain names belonging to Newtek Business Services Corp. (NASDAQ:NEWT) were recently stolen, as Brian Krebs explains in a post today. Unfortunately, customers used these domain names to access and point to their web services, potentially leading to outages and leaked information.

Krebs details Newtek’s bungled response in his post, but let’s dig a bit deeper into the domain theft.

The three stolen domains were webcontrolcenter[dot]com, thesba[dot]com, and crystaltech[dot]com.

Looking at historical Whois records at DomainTools brings up many interesting points.

First, Newtek is a Tucows reseller and managed all of these domains through its reseller account. I wonder if it also helped customers register domains through its reseller account and if any customer domains were also susceptible to the hack.

Second, the thief or thieves moved the domain names to three different registrars: P.A. Viet Nam Company Limited, INET Corporation and GMO Internet, respectively. There are a few possible reasons for this:

  • There were multiple thieves
  • The domains were moved to multiple registrars to make it more difficult to recover them quickly
  • Three different registrars were used to reduce the chances of detection during the theft

Third, the theft of at least one domain occured a couple weeks ago and went undetected. DomainTools has a historical record for CrystalTech[dot]com dated January 31, 2018 that shows the domain had already been transferred to GMO.

Companies (especially web service providers) should always track their registrations through a service such as DomainTools or DomainIQ to be alerted if their domains change.

Fourth, all three domains had the same registrant contact email. This could have been a source of the hack, although NewtekOne.com, the company’s main domain name, was not stolen and used the same address.

Amazingly, Newtek’s stock opened up to begin the day. It has been relatively quiet about the domain theft, but it’s something investors should dig into to understand its impact.

Share7
Tweet13
Share5
+1
Email
Shares 25

Learn more...

  1. DingBats.com Case Discusses Pool.com Lawsuit Over Domain Theft
  2. 8 Clues a Domain Name is Stolen
  3. Mrs Jello sues over stolen domain names

4 Comments Tags: domain theft, nasdaq:newt, Newtek Business Services Corp.

Comments

  1. Brand says

    February 12, 2018 at 3:21 pm

    No podcast today?….

    Reply
    • Andrew Allemann says

      February 12, 2018 at 3:24 pm

      Sorry, I had a technical snafu and there won’t be a podcast this week. Check back next Monday!

      Reply
      • Brand says

        February 12, 2018 at 5:36 pm

        No problem, it’s just a Monday isn’t a Monday without your podcast.

        I look forward to next Monday, Thanks for the reply…

        Reply
  2. jolud says

    February 20, 2018 at 2:11 pm

    Customers are stuck without access to their files also, major permissions issue on the site, half my domains are down and support isn’t available via phone, email, or livechat.

    Reply

Leave a Reply Cancel reply



Get the DNW Newsletter – sign up here.

Archives

HostingFacts.com



WHSR Hosting Reviews



Top Stories

  • 01.

    U.S. government asks ICANN to investigate GoDaddy’s Whois policy

    POSTED UNDER Policy & Law

  • 02.

    CIRA wants patent for registry “tag” system

    POSTED UNDER Services

  • 03.

    Vacation.rentals domain name sells for record $500,300

    POSTED UNDER Domain Sales

  • Privacy Policy
  • Disclosures
  • Advertising
© 2005–2018 Domain Name Wire • DNW and Domain Name Wire are trademarks of Brainstorm Labs, LLC