As it appears yesterday, the domain name distribution service DomainTools experienced an "email harvesting" attack. The attack focuses on the collection of emails of users of the service and according to the company the hackers abused a flaw that they discovered in the e-mail update procedures that any user can use.
So the company informed all its customers as, as the malicious script used by the hackers claims, it managed to collect a few hundred current or even older emails from DomainTools accounts.
The company urges all DomainTools account holders to change the passwords they use as a precautionary measure, although as the company says, their research does not show that passwords have leaked.
As the hacker seems to have used e-mail addresses from past known violations and ran them in the e-mail update service of the service. In this way, he was able to confirm that DomainTools had a limited number of e-mail addresses he used in the attack.
Of course the company ends the email notification of the attack by apologizing to the account holders for the inconvenience it has caused.
DomainTools reported that it has already repaired its security gap and has applied additional monitoring for any account violations after yesterday's hack.
See the email