Όπως φαίνεται χθες η υπηρεσία διάθεσης domain names DomainTools βίωσε μια επίθεση “email harvesting.” Η επίθεση αυτή επικεντρώνεται στη συλλογή email χρηστών της υπηρεσίας και σύμφωνα με την εταιρεία οι hackers καταχράστηκαν ένα ελάττωμα που ανακάλυψαν στις διαδικασίες informationς e-mail which can be used by any user.
So the company informed all its customers as the malicious claims script used by the hackers managed to collect a few hundred current and even past email addresses from DomainTools accounts.
The company urges all DomainTools account holders to change the passwords they use as a precautionary measure, although as the company says, their research does not show that passwords have leaked.
As it seems hacker used email addresses from previous known breaches and ran them through the service's email update process. In this way he was able to confirm that DomainTools had a limited number of the email addresses used in the attack.
Of course the company ends the email notification of the attack by apologizing to the account holders for the inconvenience it has caused.
DomainTools reported that it has already repaired its security gap and has applied additional monitoring for any account violations after yesterday's hack.
See the email