The Theft of Design Blog Domain Names

by on 5th December 2011 with 6 Comments

There’s nothing more concerning than receiving an email from someone — completely out of the blue — to let you know that they think your domain name may have been stolen. Particularly when a quick Whois search changes the initial feeling of complete denial to extreme concern…

Last Thursday, I found out that someone had taken it upon themselves to “hijack” our primary domain name — designshack.net — and transfer it away from our registrar. We’re working hard to reverse the process, and I’ll be documenting the current situation here.

The Story So Far

After finding out that designshack.net had indeed been transferred away from our control, I did three things:

  • I telephoned GoDaddy (our registrar) to let them know, and seek their advice on the protocol to follow. I was advised to go through their “Unauthorised Transfer Away” process, filling out a report with the relevant identification to prove my ownership.
  • I contacted PlanetDomain, the registrar being used by the thief, to tell them that the domain name had been stolen.
  • I did a little digging around, and discovered that several other domain names seemed to have been victim to the same theft.

Each of these processes is still ongoing, though we’ve been fortunate in that our name servers haven’t been changed (and, when they were at one point, we were able to request a reversal). Design Shack is still alive and well at our primary domain name for now.

The Other Sites Involved

The domain names affected by this scam are:

  • designshack.net
  • css-tricks.com
  • davidwalsh.name
  • scriptandstyle.com
  • sohtanaka.com
  • instantshift.com
  • kirupa.com
  • shiachat.com

It’s difficult to find a connecting thread between each site, as we all use a number of different registrars and hosting companies. Needless to say, we’re working together to get each domain back in the hands of the real owners.

Timeline of Events

The timeline I’ve been following is more or less identical to the details documented by Chris Coyier over at CSS-Tricks, so I won’t repeat the details here.

Everything was a little more subtle in our case. There was no evidence of our Gmail accounts being compromised, and no malicious links added to our site. Just the sickening theft of a domain name.

The current situation is that we’re waiting for GoDaddy and PlanetDomain to finish discussing the details of the case, and return the domain. Both parties have been in touch with ourselves, and each other, so I remain optimistic that we’ll have the domain name back in our hands within the next couple of days.

How Can You Help?

Thank you to everyone who has petitioned GoDaddy on Twitter to help our cause. They’ve been professional and helpful so far, as have PlanetDomain when speaking on the phone. We really appreciate your support.

Unfortunately we’re somewhat hindered by the fact that neither company’s domain name team works on weekends, with GoDaddy based in the USA and PlanetDomain in Australia. Considerably different time zones lead to a frustrating delay in communication.

If you’d like to continue to help, please feel free to tweet a link to this post, and politely urge GoDaddy to continue to give our case priority. We’ll keep you posted with how things go, and will continue to publish our articles and inspiration as normal!

It’s also worth bookmarking designshack.co.uk, as we’ll be reverting to that address as a last resort.

Updates

5th December

We publish this post with an overview of how the situation has developed from the 1st December onwards.

5th December, 1am

We receive our first communication from PlanetDomain:

Good Morning David,
Thank you for your email.
We are currently in communication with GoDaddy regarding this issue. We
will advise you via email of the decision.

5th December, 8am

I discover that our name servers have been deleted, and proceed to call PlanetDomain. They re-instate the correct name servers, and Design Shack comes back online.

6th December

PlanetDomain confirm that the hijacker’s account has been disabled, so the domain name should be safe from here out. They’re working with GoDaddy to get it transferred back.

7th December

Ou domain name has now been returned to GoDaddy, according to WHOIS. We’re now just waiting to it to be assigned back to our account. We’ll then be upping security to a slightly paranoid level…

7th December, 2pm

Everything is resolved. The domain name is back in our account. Thanks to GoDaddy and PlanetDomain for their excellent support in getting this sorted. We’re thrilled to have it back!

Further Reading

Comments & Discussion

6 Comments

Comments & Discussion

6 Comments

  1. Andy says:

    This makes me want to move my domain name somewhere else. Any suggestions?

  2. I use 123Reg for most of my domain names, and have never had a problem with them. I expect I’ll be moving Design Shack over there as soon as this is sorted (we already have our .co.uk with them): https://www.123-reg.co.uk/

  3. ashley says:

    Appreciate the post, we’ve been in touch w/ David Walsh and one of our developers passed along the post on css-tricks.com last Friday, it’s nice to get full details from you, too.

    Full disclosure, i work for Name.com, but we totally rock! We’re running a $7.39 transfer special now through the end of December and also provide security features such as NameSafe that use 2 factor authentication to log into your account so you can insure this will never happen to you! Check us out and get in touch if you have any questions, twitter.com/namedotcom facebook.com/namedotcom

    -ashley

  4. Total Bounty says:

    I think this happens to CSS-Tricks site too where their domain was transferred to PlanetDomain as well. Seems terrible and it makes me worry about my sites as well. But so far so good on my sites and hoping that I won’t go through the same dilemma. Thank you for sharing!

  5. Gemma says:

    I hope you get your domain back soon.

    Going slightly off-topic, does anyone know if the Just Creative Design blog has been stolen too?

  6. Oh man, this is so terrible, first time I heard hackers are targeting specifically sites in design niche!!

    I guess..better case is to choose Godaddy alternative as Godaddy are biggest domain sellers and possibly the biggest target whenever somebody wants to do some damage.

    I am glad site is back in your hands! Good luck!

Leave a Comment

Subscribe
Membership
About the Author