New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Dns hijacking?
cosmicgate
Member
in General
Anyone know how in the freaking world did dns on my unused domain on cloudflare changed to an unknown ip? Also my account password on cloudflare was incorrect. I had to reset my password. If i indeed got hacked, how was it possible when i have 2 factor authentication enabled?
Also the bug/hack or whatever it is seems to only affect my unused domains. My other domains seems like not affected.
Comments
This would suggest to me that they may have a hole that allows people to bypass 2FA. Certainty less likely than compromising your 2FA I would think, but surely that must be on the table as well.
Might be worth considering everything involved to potentially be compromised (email and all).
You should definitely contact CF and ask them for more information.
Left yourself logged in? Cookie stealing/session hijacking?
I would expect that you have to re-authenticate to change the account password, so that does not explain it fully.
If it is indeed DNS hijack/poisoning, you should consider DNSSEC. They offer it for free.
It can't be. The CloudFlare account was hacked, not the DNS itself ._.