back to article Potty-mouthed hackers steal comcast.net keys, go for a spin

Unknown hackers hijacked Comcast's domain name for three hours overnight, sending subscribers who tried to access webmail and other services to a rogue site that bragged of the exploit. Comcast lost control of the comcast.net address after the attackers changed registration information stored by its domain registrar, Network …

COMMENTS

This topic is closed for new posts.
  1. heystoopid
    Linux

    So

    So , when will the Comcast executives emails become public domain on the intertubes ?

  2. Anonymous Coward
    Pirate

    "dick-tard"?

    the mind boggles

  3. Silentmaster101

    they did a bit more than that.

    i called to change some of my account settings and things, and the people i talked to said their account lookup system was having issues and wouldnt be back up for a bit, when i called again about 4 hours later it was still down, then this story breaks.....

  4. foo_bar_baz
    Pirate

    MX records?

    So they redirected the website. What about MX records? It would be a lot more damaging to redirect all Comcast emails to your own address, even for a short while. I would be willing to bet most SMTP servers ignore it if the SSL certificate does not match or is missing.

  5. Brain
    Pirate

    how

    i am sure this was done by a social engineering attack, someone got names and info on admins inside comcast, and then called up network solutions or faxed them a change. Quite likely if they could make the request seem authentic i bet. After all, how many people who post to this site would fall for a trick like that? This also means it is likely to be partly an inside job too :)

  6. Tuomo Stauffer
    Pirate

    Preventing and monitoring?

    Preventing this kind of things happening can never be 100% but aren't they monitoring it? You would think that any company which is relying on, let's say DNS, would be monitoring that resource? Doesn't really cost anything, just a couple of messages time to time. Weird!

  7. Robert Armstrong
    Paris Hilton

    All your DNS belong to us

    He who throttles others may get throttled himself.

    At least, that's what Paris told me last night....

  8. peter
    Unhappy

    Wasted opportunity

    Instead of redirecting to a web page, pass on the login details to both the comcast server and your own mirror. They get access as usual to mail and domain controls and you get the username/password for later use.

  9. P. Lee Silver badge
    Coat

    web traffic not trashed

    ... just "delayed".

    Mines the one with the RST flag on the sleeve.

  10. Edward Rowley
    Unhappy

    Brute force of ssh key

    The box wasn't running debian was it

  11. Anonymous Coward
    Unhappy

    I missed the fun. Just got the Network Solutions blank page.

    I tried to access comcast.net at about 2:00 a.m. Eastern USA time. I just got a page marked as a Network Solutions page stating that the Comcast web site was unavailable. I'm always late to the party. :(

  12. Will
    Paris Hilton

    Dick Tard

    Must be el reg readers then...

    Paris coz its not nice to be mean about dicks

  13. Anonymous Coward
    Stop

    How come...

    ...such dweebs can compromise so much?

    IT Security and Army Intelligence must be on a par.

  14. Anonymous Coward
    Happy

    There's an easy fix....

    Here we have a nice division of labour. I look after our DNS, but my boss has our registry account. Most of the time, he keeps the company credit card details off our account, and whenever I have to do something with the registry account, I have to ask him to fill in the details.

    Until he does, I can't do anything with the registry account at all, all I get is a page telling me that there are no credit card details available.

    A rough - but efficient - protection method.

    When I've finished - I let him know he can remove the card details again and the protection is back on.

    Regards

    Neil

  15. Anonymous Coward
    Unhappy

    you'd think ...

    >> A brute force password attack is one possibility, but you'd think Network Solutions >> has safeguards in place to detect thousands of unsuccessful login attempts.

    You would think that all domain registrars would have passwords encrypted ? oh look UKreg/Fasthosts didn't, so NS not having brute force detection wouldn't surprise me

  16. Anon Koward
    Coat

    @Dick Tard

    I think you will find it was Dick tard lane, obviously a troll of el' reg who just couldn't figure out where tard is actually meant to fit into a sentence!

    /mines the coat with "L33t Tard Warez" on it...

  17. Anonymous Coward
    Anonymous Coward

    Comcast doesn't really need much help screwing up

    I've had comcast for ages mainly because they've forgotten us on their rate increases so we hum along at some old cheap rate. The second they try to raise my rate we'll be running for the door.

    But Comcrap doesn't really need a whole lot of help screwing up their network - they do it all by themselves, ALL THE TIME. At any point in time half of the intarweb can't be located. There was some sort of outage in the area last weekend that left something like 140,000 households without service for a few hours. Bittorrents downloads do finish but forget about seeding due to their session rejects.

    Posting anonymously as I don't want those clowns to find me and "fix" my billing.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019