The Theft of Design Blog Domain Names

by on 5th December 2011

There’s nothing more concerning than receiving an email from someone — completely out of the blue — to let you know that they think your domain name may have been stolen. Particularly when a quick Whois search changes the initial feeling of complete denial to extreme concern…

Last Thursday, I found out that someone had taken it upon themselves to “hijack” our primary domain name — designshack.net — and transfer it away from our registrar. We’re working hard to reverse the process, and I’ll be documenting the current situation here.

The Story So Far

After finding out that designshack.net had indeed been transferred away from our control, I did three things:

  • I telephoned GoDaddy (our registrar) to let them know, and seek their advice on the protocol to follow. I was advised to go through their “Unauthorised Transfer Away” process, filling out a report with the relevant identification to prove my ownership.
  • I contacted PlanetDomain, the registrar being used by the thief, to tell them that the domain name had been stolen.
  • I did a little digging around, and discovered that several other domain names seemed to have been victim to the same theft.

Each of these processes is still ongoing, though we’ve been fortunate in that our name servers haven’t been changed (and, when they were at one point, we were able to request a reversal). Design Shack is still alive and well at our primary domain name for now.

The Other Sites Involved

The domain names affected by this scam are:

  • designshack.net
  • css-tricks.com
  • davidwalsh.name
  • scriptandstyle.com
  • sohtanaka.com
  • instantshift.com
  • kirupa.com
  • shiachat.com

It’s difficult to find a connecting thread between each site, as we all use a number of different registrars and hosting companies. Needless to say, we’re working together to get each domain back in the hands of the real owners.

Timeline of Events

The timeline I’ve been following is more or less identical to the details documented by Chris Coyier over at CSS-Tricks, so I won’t repeat the details here.

Everything was a little more subtle in our case. There was no evidence of our Gmail accounts being compromised, and no malicious links added to our site. Just the sickening theft of a domain name.

The current situation is that we’re waiting for GoDaddy and PlanetDomain to finish discussing the details of the case, and return the domain. Both parties have been in touch with ourselves, and each other, so I remain optimistic that we’ll have the domain name back in our hands within the next couple of days.

How Can You Help?

Thank you to everyone who has petitioned GoDaddy on Twitter to help our cause. They’ve been professional and helpful so far, as have PlanetDomain when speaking on the phone. We really appreciate your support.

Unfortunately we’re somewhat hindered by the fact that neither company’s domain name team works on weekends, with GoDaddy based in the USA and PlanetDomain in Australia. Considerably different time zones lead to a frustrating delay in communication.

If you’d like to continue to help, please feel free to tweet a link to this post, and politely urge GoDaddy to continue to give our case priority. We’ll keep you posted with how things go, and will continue to publish our articles and inspiration as normal!

It’s also worth bookmarking designshack.co.uk, as we’ll be reverting to that address as a last resort.

Updates

5th December

We publish this post with an overview of how the situation has developed from the 1st December onwards.

5th December, 1am

We receive our first communication from PlanetDomain:

Good Morning David,
Thank you for your email.
We are currently in communication with GoDaddy regarding this issue. We
will advise you via email of the decision.

5th December, 8am

I discover that our name servers have been deleted, and proceed to call PlanetDomain. They re-instate the correct name servers, and Design Shack comes back online.

6th December

PlanetDomain confirm that the hijacker’s account has been disabled, so the domain name should be safe from here out. They’re working with GoDaddy to get it transferred back.

7th December

Ou domain name has now been returned to GoDaddy, according to WHOIS. We’re now just waiting to it to be assigned back to our account. We’ll then be upping security to a slightly paranoid level…

7th December, 2pm

Everything is resolved. The domain name is back in our account. Thanks to GoDaddy and PlanetDomain for their excellent support in getting this sorted. We’re thrilled to have it back!

Further Reading

For more related resources:

Subscribe


Membership
About the Author