from Hacker News

DNS hijacked on GoDaddy?

by zigzaggy on 12/30/20, 3:09 AM with 66 comments

  • by Waterluvian on 12/30/20, 4:06 AM

    I thought GoDaddy was an industry pariah, avoided by anyone who knows anything. What's the motivation to use them beyond saving a few dollars? Do they have a monopoly on certain domains?

  • by echelon on 12/30/20, 4:13 AM

    Back when I was a college student, my popular video game wiki's domain [1] was stolen by a former associate of mine while I was overseas.

    Godaddy did nothing to help the situation, and the thief had substantial monetary resources and threatened to get me tied up in court. He was ten years older, had an engineering income, and came from a family of lawyers. I was just a college student and felt powerless to do anything about it.

    I assume it was social engineering. He had access to the server and database, but was never supposed to have domain name access.

    Godaddy sucks.

    Also, their founder kills elephants for sport. So there's that too.

    [1] strategywiki.org

  • by kube-system on 12/30/20, 4:04 AM

    Honestly, it seems like this headline pops up at least once per year. I switched to another registrar close to a decade ago because of security concerns.

  • by billp3 on 12/30/20, 6:57 AM

    Something doesn't add up here.

    His nameservers have been set to DigitalOcean servers for well over a year. A GoDaddy rep wouldn't be able to change MX records on those nameservers. They would have to change the nameservers on his domain to GoDaddy servers and then add new MX records. That's more than just a simple MX record change and seems more unlikely to me.

    Perhaps his DigitalOcean account was compromised?

  • by nathanyz on 12/30/20, 4:22 AM

    Wonder if this is any way related to the 13 hour outage[1] at Wasabi storage related to GoDaddy?

    [1] https://news.ycombinator.com/item?id=25567294

  • by idorosen on 12/30/20, 4:29 AM

    What registrar do people recommend these days for domain registration that's (more?) secure against domain theft attack vectors? Namecheap? Gandi? MarkMonitor? One of the cloud providers?

  • by dpcan on 12/30/20, 6:42 AM

    I think it boils down to a shitty employee at the end of the day.

    If you have someone who decides to cut even 1 corner, it can be devastating to a domain owner.

    I have hundreds of clients who have used them, and I've never been on the phone with GoDaddy and had them do any less than tell me to bug off if I don't have a pin or get the 2-factor auth code to verify myself.

  • by tmk1108 on 12/30/20, 4:59 AM

    Reading the Twitter thread, what's the current best security practices for email addresses? Because I thought getting your own domain was the better thing to do but it seemed in this case using a Gmail address would have been better?

  • by illiniboy on 12/30/20, 6:16 AM

    Will 2FA and having a customer support PIN set up prevent this hijacking with GoDaddy?

  • by ketamine__ on 12/30/20, 4:09 AM

    So the big shots in crypto still don't understand how to secure their coins?