How Did Hackers Get To Newtek Domains?

We often wonder: just how does cyber crime affect day-to-day business? Here’s a clue: Newtek Technology Solutions, a web-hosting company, had several domains stolen last weekend, resulting in email outages and stranded website, according to the blogger Krebs on Security.

That was potentially devastating for the small- to medium-sized firms that rely on Newtek. The company manages over 100,000 business sites, Krebs states 

The firm has acknowledged the problem — belatedly, if Krebs is correct — and is urging customers not to use certain domains. 

Newtek has not responded to a request for comment at press time .

According to Krebs, “three of Newtek’s core domains were hijacked by a “Vietnamese hacker, who replaced the login page many Newtek customers used to remotely manage their Web sites (webcontrolcenter[dot]com) with a live Web chat service.”



Last Saturday, Newtek sent an email that did not allude to the problem. Instead, it advised customers of “an immediate change that will require a slight adjustment in how you direct your website's domain name to your hosting solution at Newtek Technology Solutions. Please make this change immediately so that you will not risk an interruption to your service.”

A later email said, in part:

“Approximately ten hours ago, we sent you a notification regarding a change to our DNS name servers.

“This change was a proactive response to a contest over the three following domain names: webcontrolcenter(dot)com, thesba(dot)com, and crystaltech(dot)com. We strongly request that you eliminate these domain names from all your corporate or personal browsers, and avoid clicking on them.

"At this hour, it has become apparent that as a result over the dispute for these three domain names, we do not currently have control over the domains or email coming from them.

"There is an unidentified third party that is attempting to chat and may engage with clients when visiting the three domains. It is imperative that you do not communicate or provide any sensitive data at these locations.”

Wow. If it can happen to Newtek, it can happen to anyone. And thanks to Krebs for pointing it out. Not that it has affected the firm in other ways: Domain Name Wire notes that, “amazingly,Newtek’s stock opened up to begin the day.”


Next story loading loading..