eBay Germany domain hijack: No prosecution imminent

The Internet auction house has no plans at present to take legal action against the 19-year-old who confessed to hijacking its Web site
Written by Martin Fiutak, Contributor and  Ingrid Marson, Contributor
A school pupil who admitted taking ownership of the eBay Germany domain will not face charges immediately as eBay Germany first wants to investigate the incident further, according to ZDNet Germany.

The 19-year-old from Helmstedt, Lower Saxony, confessed last week to requesting a DNS transfer for eBay.de, but claimed that he did not want to cause damage.

Maike Fuest, a spokeswoman for eBay, said on Tuesday that the company is not taking any action until it has investigated the incident.

"We want to carefully check all the facts, before we do anything," said Fuest.

The teenager is likely to face charges of spying on data and computer sabotage, according to Frank Federau, a spokesman for the Lower Saxony police.

The domain hijacking incident happened at the end of August. The teenager claims that he stumbled across Web sites which described how to do a DNS transfer and "just for fun" requested a domain name server (DNS) transfer for several sites including Google.de, Web.de, Amazon.de and eBay.de.

Most of these transfers were denied, but the transfer for eBay went ahead. It is unclear how the domain could have been transferred without eBay's consent.

Mike Prettejohn, director of Web services firm Netcraft, told ZDNet UK on Wednesday that one way of hijacking an organisation's domain over the Internet is to take control of the authoritative name server, a server that maintains the 'IP address-name' mapping for a group of hosts.

Prettejohn said that authoritative name servers are usually run by either an ISP or by the organisation itself. It is possible that someone could hack into the authoritative name server and thereby be able to execute unauthorised DNS transfers.

But most domain hijackers normally work over the phone rather than the Internet, according to Prettejohn.

"The traditional way that domain hijackers work is by ringing up the country's DNS registry office and tricking them to transfer the domain name to a different IP address by providing faxes or company letterheads," said Prettejohn.

Editorial standards