It appears as if craigslist.org’s nameservers have been briefly hijacked via their registrar, Network Solutions. Don’t let it happen to you:
- Enable 2-factor authentication on your account (if your registrar offers it)
- Enable account ACLs or geo-targeted login restrictions on your account (if your registrar offers it)
- Enable event notifications on your account (if your registrar offers it).
You can access these functions on easyDNS via the Security menu in your left-hand side menu.
Or… switch to a registrar that offers these security controls.
It is unclear if the domain was compromised via a phishing attack, some other user-side attack vector, or through a social engineering or other process weakness on the Network Solutions side. NetSol has been known for letting the odd domain slip away via social engineering or falsified data resets. (See Kieren McCArthy’s exhaustive coverage of the multi-year, multi-million dollar odyssey of the sex.com hijacking.)
Leave a Reply