
Dell loses control of important domain name to cybersquatters

By James Walker     Oct 31, 2017 in Technology
Dell has suffered an embarrassing cybersecurity incident after it forgot to renew a domain name used by one of its services. Squatters had control of the domain for a month. It's thought it may have been used to distribute malware before Dell regained it.
Dell includes its own "Backup and Recovery Application" on almost all of its computers. This program periodically checks in with the domain "DellBackupandRecoveryCloudStorage.com" to check for updates and verify its own status.
Over the summer, someone at Dell forgot to renew the domain. It was promptly snatched up by a typosquatter who appears to have used the site to distribute malware. Krebs on Security reports that two weeks after it was acquired by "TeamInternet.com," the domain began to be flagged by malware warning sites as a potential risk.
Dell regained control of the domain around a month after its ownership expired. The company said the incident posed no risk to customers and shouldn't have affected the operation of its backup software. Backup and Recovery Application shouldn't have attempted to download anything from the site so Dell PC owners won't have directly installed the malware it briefly hosted.
"We do not believe that the Dell Backup and Recover calls to the URL during the period in question resulted in the transfer of information to or from the site, including the transfer of malware to any user device," Dell said to The Register.
What Dell hasn't explained is how it lost control of the domain in the first place. The site is said to be administered by a third-party subcontractor. However, registrars usually send multiple reminders before a domain name lease expires and it's rare for major companies to forget to renew their subscriptions.
Dell's also not elaborating on its questionable domain choice. Although not intended to be visited directly, "DellBackupandRecoveryCloudStorage.com" isn't the most memorable or convincing name. Security experts warned it's "kind of asking for trouble" by appearing to play into the hands of scammers and cybercriminals.
Dell could be better served by moving the site to a subdomain of dell.com, especially as the risks of using dedicated, overly long domains were made all too apparent in the wake of Equifax's giant data breach. The company's decision to register the independent site "equifaxsecurity2017.com" was slammed by the security community.
The choice of domain allowed typosquatters to register credible lookalikes such as "equifax-security2017.com," forming the basis of multiple phishing campaigns. Equifax is still using the dedicated domain despite facing repeated calls to move the site to a subdomain of "equifax.com."