Security threats Toolkit

Teenager admits eBay domain hijack

Martin Fiutak ZDNet Germany

Published: 06 Sep 2004 15:35 BST

German police said on Saturday that a 19-year-old from Helmstedt, Lower Saxony, has admitted to hijacking the domain of the eBay Germany Web site and is likely to face charges of computer sabotage, according to ZDNet Germany.

The domain hijack attack happened at the end of August when visitors to the eBay.de site were redirected to a different domain name server (DNS), meaning that they could not access auctions.

According to Frank Federau, a spokesman for the Lower Saxony police, the 19-year-old is not a computer expert. The boy claims to have merely stumbled across Web sites which described how to do a DNS transfer.

He claimed that "just for fun" he requested a DNS transfer for several sites including Google.de, Web.de, Amazon.de and eBay.de. Most of these transfers were denied, but the transfer for eBay went ahead. It is unclear how the domain could have been transferred without the consent of the owner.

The teenager said he did not want to cause damage. Indeed, according to Federau, he was shocked when he was told that he had become the new owner of the eBay.de Web address. The domain has now been returned to its rightful owner.

Ebay stated that user data was not endangered by the domain hijacking.

In May this year another teenager from Lower Saxony was arrested on suspicion of creating the Sasser computer worm that infected millions of computers worldwide. The case against the Sasser suspect is due to start soon.

The full news report (in German) on the eBay domain hijacking can be found here.