July 26, 2017

MySpace Asked GoDaddy To Drop SecLists

At the request of MySpace, domain registrar GoDaddy removed DNS records for SecLists.org after the security site published a list of 56,000 MySpace usernames and passwords that has been circulating the Internet.

MySpace Asked GoDaddy To Drop SecLists
MySpace Asked GoDaddy To Drop SecLists

That list made it onto the Full Disclosure mailing list, operated by the pseudonymous security researcher and Nmap scanner creator Fyodor. After being sent out on Full Disclosure, SecLists.org archived the list in its 250,000 page archive.

But rather than taking one of a number of other approaches, such as contacting Fyodor directly, or submitting a DMCA request to GoDaddy requesting removal of the page, MySpace contacted GoDaddy directly and engineered the shutdown, Kevin Poulsen said at the 27B Stroke 6 blog.

Although a GoDaddy representative claimed in followup comments to Poulsen that they waited an hour between trying to reach him and shutting off access to SecLists.org, Fyodor provided Poulsen with a timestamped voicemail of that call, and the email announcing the domain had been deleted.

Total time between the two: one minute. The response of GoDaddy’s Christine Jones to that: “I think the fact that we gave him notice at all was pretty generous,” she said.

Fyodor’s experience with GoDaddy proved frustrating, as he documented in a message to SecLists.org visitors on the now-reinstated website:

Neither the email nor voicemail gave a phone number to reach them at, nor did they feel it was worth the effort to explain what the supposed violation was. They changed my domain nameserver to “NS1.SUSPENDED-FOR.SPAM-AND-ABUSE.COM”. Cute, eh?

I called GoDaddy several times, and all three support people I spoke with (Craig, Ricky, then Wael) said that the abuse department doesn’t take calls. They said I had email abuse_at_godaddy.com (which I had already done 3 times) and that I could then expect a response “within 1 or two business days”.

Given that tens of thousands of people use SecLists.Org every day, I didn’t take that well.

The list in question had been circulating online for nine days by the time MySpace had GoDaddy remove the domain. It can be found through a search on Google in 0.02 seconds according to a query I performed for the list. Plenty of malicious people have it already.

Fyodor expressed his displeasure with the registrar during his conversation with Poulsen. “Needless to say, I’m in the market for a new registrar. One who doesn’t immediately bend over for any large corporation who asks,” he said.

It’s going to take more than a declined Super Bowl ad for GoDaddy to rebuild its goodwill after this.

Tags: , , ,

Add to Del.icio.us | Digg | Reddit | Furl

Get all the updates –

About David Utter 902 Articles
David Utter is a business and technology writer for SecurityProNews and WebProNews.