What is Domain Hijacking (Tutorial) ?

What is Domain Hijacking (Tutorial) ?

Domain Hijacking-
Generally Domain hijacking refers to the process of hacking domain names and transferring it from current registrant to other without the permission of original registrant or to take control of the domain and alter it for his/her sole purpose. Most of these attacks are generally happened by exploiting a vulnerability in the domain name registration system. 

How Domain Names get hijacked:

To Hijack a domain name hacker need to get full access to the domain control panel, For that he need to know the information like "domain registrar name" and "administrative email address".
Now to get this information of a targeted domain he uses WHOIS database. As WHOIS database is public, a hacker uses WHOIS tools like ( whois.domaintools.com or other which are widely available in internet). 

Now hacker gets the information domain registrar name and administrative email address of targeted domain. From here the game starts...

The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it.

Once the hacker gets full access to targeted email account, he will make a visit to domain registrar’s website and click on forgot password in the login page. So that domain registrar will send password reset details to domains administrative email account. As the hacker had full access to administrative email account, he uses the details sent to it and makes a login to the domain control panel.Once he gets access to domain control panel he can do what ever he want to do.

What happens if a Domain name is Hijacked:
Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.  
If a Domain name is hijacked, hacker can transfer the targeted domain name from the original registrant to other by which the real owner losses his domain name.
This is another side of what a hacker can do. For example, if a hacker gets access to the domain control panel of  “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case the domain name (abc.com) is said to be hijacked.

Prevention:
►To prevent a domain from being hijacked protect your admitrative email account.
►Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.

pls pass your comments!