Gte Hit With Domain Hijack
by Kevin Poulsen
GTE Internet, a nationwide ISP, became the latest victim in a string of domain name hijackings over the weekend, briefly losing their domain name GTE.net to an unknown usurper, the Texas based company confirmed Tuesday.
"It was detected early Saturday morning, and fixed on Sunday," said company spokesman Jim Burkhardt. "We are now working with the proper federal and state authorities."
On Tuesday, whois records still listed the technical and administrative contact for GTE.net as "Christian Schmidt," with a German mailing address, and show that the domain's name server was changed from a GTE computer to MyInternet.com, which provides free, user-changeable domain name service to the public.
GTE Internet insisted that customers were not affected by the name grab, but acknowledged that the domain was briefly unreachable over the weekend, before GTE contacted domain registrar Network Solutions Inc. (NSI) and regained control of the name on Sunday.
Some smaller ISPs that don't refresh their domain records quickly may have been blocked from reaching GTE.net for longer. "We had perhaps fifty people out of all the Internet population contact us," says Jeri Cowan, director of customer service delivery.
Domain name hijackings are an increasingly common online annoyance. This weekend, e-commerce portal Internet.com found its name transferred to another, apparently fictitious, company -- but the site reportedly remained reachable.
Sources said that GTE.net was hijacked with a forged email message addressed to NSI's Internic registry. "We've worked with Internic to put in place a more stringent mechanism to make sure this doesn't happen again," said Cowan. "We have locked all of our domains."