Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Dns hijacking?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Dns hijacking?

Anyone know how in the freaking world did dns on my unused domain on cloudflare changed to an unknown ip? Also my account password on cloudflare was incorrect. I had to reset my password. If i indeed got hacked, how was it possible when i have 2 factor authentication enabled?

Also the bug/hack or whatever it is seems to only affect my unused domains. My other domains seems like not affected.

Comments

  • jarjar Patron Provider, Top Host, Veteran

    This would suggest to me that they may have a hole that allows people to bypass 2FA. Certainty less likely than compromising your 2FA I would think, but surely that must be on the table as well.

    Might be worth considering everything involved to potentially be compromised (email and all).

  • You should definitely contact CF and ask them for more information.

    Thanked by 1BensDaMan
  • Left yourself logged in? Cookie stealing/session hijacking?

  • linuxthefish said: Left yourself logged in? Cookie stealing/session hijacking?

    I would expect that you have to re-authenticate to change the account password, so that does not explain it fully.

  • If it is indeed DNS hijack/poisoning, you should consider DNSSEC. They offer it for free.

  • @Ishaq said:
    If it is indeed DNS hijack/poisoning, you should consider DNSSEC. They offer it for free.

    It can't be. The CloudFlare account was hacked, not the DNS itself ._.

Sign In or Register to comment.