It’s always important to do due diligence on the history of a domain name before buying it to ensure it is not a stolen asset. This morning, George Kirikos shared a warning on Twitter to advise people to keep an eye out for domain names that could have been stolen due to a recently found vulnerability:
Keep an eye out for stolen domains during this holiday season. Due to a vulnerability in a Java logging library (which came to light last week):https://t.co/sFy7KUYvM9
some registrar systems might be vulnerable, leading to an increase in domain thefts. #ICANN #security
— George Kirikos (@GeorgeKirikos) December 13, 2021
I have no reason to believe this vulnerability is going to impact any domain registrars. I have not heard anything from anyone about this beyond George’s tweet. However, many companies won’t publicly share something of this nature until they have patched systems or are responding to an incident.
It is always essential to do due diligence before buying a domain name in private or on a sales platform. It might be even more important to do so now in light of this newly discovered vulnerability.
Due diligence on a domain is always a good thing; we have been seeing an uptick in the number of domains stolen and continue to do stolen domain recoveries every single day.
What we’re seeing is that registrars that have been hacked or compromised years ago (even 10+ years ago) are having domains stolen now.