Oops
Looks like the hackers got it back.
I get an error when I try to connect.
Web designer David Airey has succeeded in recovering his domain after hackers exploited flaws in Gmail to trick his hosts into authorising a fraudulent transfer. Airey's woes began when he took his girlfriend for a month-long holiday to India on 21 November, a trip he mentioned in his blog. The holiday was a break from work …
I have use G-mail for a long time and have a number of domains. but iv never found a problem. infact i wish google had there own ISP&domain reg. as i think the service they have given me is tops. i have been a internet surfer and basic web builder for a number of years and been with gmail for the last 18months and im yet to find a problem. so not everyone is effected by this and i am still 100% happy with m google service.
Anyone who has a gmail accout (or google apps account) should check their filters (settings->filters) for any entries that they didn't add.
Although the exploit has been fixed, someone who hacked your account before the fix could still be silently monitoring your email. The only way to be sure is to check your filters.
Really, all David needed to do when the domain 'disappeared' was to do a WHOIS on Davidairey.com, see that the hijackers had been dumb enough to park it at Godaddy, and just call GoDaddy directly about the fruadulant transfer .. GoDaddy would have then required a fax to Verisign with documentation proving David is who he says he is, and the domain returned (not to mention the hijackers paying for another years registration in making the transfer to GoDaddy)
His Hosting firm should have known this, at least, and assisted him .. domain could have been recovered in 3 business days maximum.
GoDaddy does good, quick work on fraud cases, they really don't want shady stuff going on using thier services
All these nice comments about GoDaddy made me laugh. They are the host (in the medical sense as well as the web sense) for most of the upsurge in SPAM I have been receiving since I needed to create an account on a support page. Fortunately I had the sense to use a SPAM-bucket mail address and have been forwarding all the wonderful offers to the FTC (spam@ecu.gov). It is all the more enjoyable as the email include a virtuous footer proclaiming they adhere to the CAN-SPAM Act of 2003.
Nearly forgot, when I complained to GoDaddy they asked me to forward examples which I did, unfortunately their SPAM filter blocked it.....priceless
@Erik Aamot -
If I recall correctly a lot of people have serious problems, in trying to get usable customer assistance from GoDaddy.. wasn't SecLists.org shut down when it was hosted on GD?
I've heard a lot of rumblings about GD being a nightmare to use and get any kind og help or support (you get more from Googling for help or asking in other communities than their Helldesk), one of the reasons I avoided them when I bought my own domain.
Don't GoDaddy use domain locking ? The registrar I use won't consider any transfer request while the domain is locked, and only I can unlock it, by visiting their site, logging in, and clearing a check box. I guess the "victim" needs to learn some basic security (and use a better registrar).
Exploits are caused by the evil of Micro$oft. I know this to be true because I read it on Slashdot.
How can there be an exploit that affects Google? - they don't use M$FT software. It must be a conspiracy orchestrated personally by Bill Gates from his lair in the Space Needle.