Featured in the Wall Street Journal ∑ ABC News ∑ BBC News ∑ Forbes ∑  Newsweek ∑ USA Today ∑ New York Times ∑ CNN/Money ∑ Investor's Business Daily


August 27, 2012

Domain Sales

About Us

YTD Sales Charts

E-Mail Us

The Lowdown

News Headlines




Letters to Editor

Latest news of the domain name industry







The Lowdown Subscribe to our RSS Feed
Here's the The Lowdown from DN Journal,
updated daily
to fill you in on the latest buzz going around the domain name industry. 

The Lowdown is compiled by DN Journal Editor & Publisher Ron Jackson.

Major Domain Hijacking Alert: Industry Pioneer Warren Weitzman Has Over a Dozen Domains Stolen From his Enom Account

Warren Weitzman's worst nightmare has just come true.  Weitzman has been in the domain game since 1994 and oldtimers in the industry know him as one of the pioneers in the business. Weitzman is a quiet guy who has never been interested in the spotlight, but as the victim of a major domain hijacking he is speaking up now with the hope that the publicity will lead to the return of his domains and prevent problems for others who might unknowingly buy the stolen names and lose their investment. Weitzman is also trying to find out how the theft happened and he believes the break-in could have occurred as high as the registry level at Verisign.

Weitzman first learned something was wrong on Thursday when Rick Waters, who is developing Adios.com for Weitzman's company, called to tell him that suddenly Adios.com had stopped resolving at the assigned DNS.  "I immediately went into my account at Enom and saw that Adios.com was there, still locked, with the same normal email for me, and everything appeared to be fine," Weitzman said. "But when I did a WhoIs lookup at DomainTools it showed a ĎJohn Thalackerí as the registrant, 000domains as the registrar, and fastpark.net as the dns and lander, plus a phone number that didnít work." (Editor's note: John Thalacker is a veteran domainer whose name was apparently picked at random by the thief for the false WhoIs info on this domain. So John is also being victimized by the criminal). 

"I immediately called Enom, emailed them transfer- 

Warren Weitzman
domain hijacking victim

disputes and inquired how the domain could be in my account while showing another owner in the public record simultaneously.  I alerted everyone I knew, but no one could understand how this could happen,' Weitzman said.

"After contacting Enom, we learned that all of the domains were still locked but Adios.com was no longer in Enom's database.  It had been transferred out. How could this happen without a notifying email, EPP, without a hack at the Verisign level or some kind of cooperation from Enom?  We also found that other domains had been transferred out to the same DNS (fastpark.net) and those names now showed various registrant information (mostly privacy WhoIs)," Weitzman said.   

Weitzman said the initial list of names taken from two different accounts he has at Enom includes these domains:



"All of these names showed in Enomís transfer-out report as moving over the last 2 weeks, Sou.com being the first, moving on the 8th of July," Weitzman said. "While I received a response from the transfer-dispute department at Enom, there has been no explanation nor any guess as to how this could happen."

Even worse, the string of thefts did not end there. Weitzman said, "This morning we noticed two more of our best names, Before.com and Even.com, were moved to Directi overnight with Privacy WhoIs. These domains were both locked and using my primary email as contact information.  I have had them since 1995.  Even after changing passwords on these accounts,  the domains continue to disappear.  How could someone even know my login/username for these accounts, let alone passwords?  This is why we think the error or hack has taken place at Verisign - domains are showing in both registrars at the same time, there are no email notifications or EPP code requests," Weitzman said.

"I am wondering if anyone else has had this experience with Enom or knows whether Verisign has been hacked. We cannot understand how 

this could happen, right under our watchful eyes, and may still be going on. Enom claims to have locked down my accounts from further domain movement and to have contacted the gaining registrars," Weitzman said. "They said they will notify me when they hear back from the registrars who hold the names now."

Meanwhile, some of the names that have already been taken from Weitzman's account continue to move (a common situation with stolen domains). "We noticed that Sou.com, the first of the hijacked domains, was transferred again, this time to NamesDirect as registrar and again, fastpark.net as the lander and another private Whois," Weitzman said. "I hope that by publicizing this, we can find out if anyone else has had this experience and what the resolution might be.  It is also our hope that no one will purchase any of these names," Weitzman added.

If you have any information that could help Warren recover his stolen domains, you can send it to Warren at Warren.com. We will follow up with new developments as they occur.

(Posted July 21, 2009)

For all current Lowdown posts - Go Here

We need your help to keep giving domainers The Lowdown, so please email [email protected] with any interesting information you might have. If possible, include the source of your information so we can check it out (for example a URL if you read it in a forum or on a site elsewhere). 

 Home  Domain Sales  YTD Sales Charts   Latest News  The Lowdown  Articles  
Legal Matters
  Dear Domey  Letters to Editor  Resources  Classified Ads  Archive  About Us

Hit Counter


Copyright 2009 DNJournal.com - an Internet Edge, Inc. company. 
No material may be copied from this site without expressed written consent.