Domain hijacking explained
Domain hijacking is the process by which internet domain names are stolen from the rightful registrant.
Many people confuse domain hijacking with the reregistration of an expired domain by a new party. One is a legal process and one is not. Domain hijacking is theft, while if a name owner does not renew a name he or she is no longer the owner and it is available for someone else to register.
Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner.
Some registrars are quick to set things right when these cases are discovered. However, it is well documented that some registrars will admit no fault in accepting the forged credentials and will refuse to correct the record until forced by legal action. In many of these cases, justice is not done and the hijacker retains control of the domain. The victims of such theft often do not have the resources or willingness to invest the effort necessary to regain control of their domain, which may require a lawsuit or a lengthy and time-consuming arbitration process, especially if the hijacker and victim are in different countries. Hackers that have hijacked a domain can do anything with that name, including putting up their own website or redirecting those who visit the address to another site.
Extensible Provisioning Protocol is used for many TLD registries, and uses an authorization code issued exclusively to the domain registrant as a security measure to prevent unauthorized transfers.
Many people confuse domain hijacking with the reregistration of an expired domain by a new party. One is a legal process and one is not. Domain hijacking is theft, while if a name owner does not renew a name he or she is no longer the owner and it is available for someone else to register.
Domain theft
Domain theft is an aggressive form of domain hijacking that usually involves an illegal act. In most cases, identity theft is used to trick the domain registrar into allowing the hijacker to change the registration information to steal control of a domain from the legitimate owner.
Some registrars are quick to set things right when these cases are discovered. However, it is well documented that some registrars will admit no fault in accepting the forged credentials and will refuse to correct the record until forced by legal action. In many of these cases, justice is not done and the hijacker retains control of the domain. The victims of such theft often do not have the resources or willingness to invest the effort necessary to regain control of their domain, which may require a lawsuit or a lengthy and time-consuming arbitration process, especially if the hijacker and victim are in different countries. Hackers that have hijacked a domain can do anything with that name, including putting up their own website or redirecting those who visit the address to another site.
Prevention
Extensible Provisioning Protocol is used for many TLD registries, and uses an authorization code issued exclusively to the domain registrant as a security measure to prevent unauthorized transfers.
📣 Latest tweets mentioning Domain hijacking
Domgys.in 🏆 Semrush 9,180,653 - 📅 - #DOMGYS: Unlock global potential with a .global domain—boosting reach, strengthening brand identity, and connecting worldwide. Let's connect with us at sales@domgys.com #Domgys #Domainnames #TrustedDomain #SecureYourDomain #DigitalIdentity #Premiumdomains #Domainregistrations
Ename 🏆 Semrush 2,828,154 - 📅 - Dec 11th Top #Auction sale in #China goes to HENANYZ.COM at $4,402 Full list here- more info The list may include ReserveNotMet or potential Default cases #letters #7L #com #4figures #daily #domain
registry.co.ug 🏆 Semrush 12,864,144 - 📅 - Festive Savings! Get 20% OFF + a FREE .ug domain, email, eSignature & web hosting when you buy 3 Microsoft 365 licenses! Boost your business today more info 031 230 1800 | Sales@ms.i3C.Co.Ug #FestiveOffer #Microsoft365 #HolidayDeals
internet.ee 🏆 Semrush 2,372,095 - 📅 - Domain auction brings tens of new .ee domains to the market every day. See the full list and place your bid atauction.internet.ee. #domains #domainsale #domainsforsale
registry.in 🏆 Semrush 1,073,223 - 📅 - Innovation thrives on clarity and identity. Choose your tech-focused .IN domain and strengthen your brand’s digital presence. Visit more info to explore more. #Internet #Domain #NIXI📖 Latest blogs mentioning Domain hijacking
🏆 Semrush 800,802 - 📅 - What is Domain Hijacking? Everything to Know About Domain Hijacking Attacks - What is Domain Hijacking? Domain hijacking, also referred to as domain theft, refers to the act where the registrant of a domain name has their domain name taken over without their permission. This happens when a hacker somehow gets into the account
🏆 Semrush 1,306,576 - 📅 - Domain Transfer Lock: Domains.co.za Becomes First Registrar To Offer Free .co.za Security Feature - 1 April, 2025, Johannesburg – Domains.co.za has become the first South African Registrar to offer its .co.za customers a Domain Transfer Lock security feature. This extra security feature is FREE to all of its .co.za, org.za, .net.za, and .web.za ...
🏆 Semrush 4,681,134 - 📅 - What is Domain Hijacking? - Domain hijacking is a serious threat that involves someone taking control of your domain name without your permission. This typically occurs through methods such as phishing, exploiting weak security, or tricking domain registrars. Once hijacked, ...
🏆 Semrush 350,681 - 📅 - Domain Theft: How to Prevent Your Domain Name From Being Stolen - In 2023, Frax Finance’s domain was compromised, and the company only regained control after intensive troubleshooting by its domain registrar. Here are 11 ways to avoid your company being the victim of domain hijacking. As your business grows and ...
🏆 Semrush 395,070 - 📅 - What is Domain Protection? - Domain protection is a significant aspect of safeguarding your domain name from potential risks and threats. Whether you’re an individual or business owner, understanding how to protect your domain is essential for maintaining online security and ...
🏆 Semrush 3,217,048 - 📅 - Domain Squatting: The Dangers and Strategies for Preventing Domain Hijacking - In the vast landscape of the internet, securing the right domain name for your online business is crucial. However, there … Domain Squatting: The Dangers and Strategies for Preventing Domain Hijacking Read More »
🏆 Semrush 35,150 - 📅 - Revisiting How Registrants Can Reduce the Threat of Domain Hijacking - Recent events1,2 have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted3, there are many security controls that registrants can utilize to help strengthen their security posture.📋 Latest news about Domain hijacking
Domain Hijacking Story Still Unresolved - 📅 - According to reports, an investigation into the hijacking of the domain name of New York-based ISP Panix (panix.com), launched on January 18 by the Internet Corporation for Assigned Names and Numbers (ICANN.org), has yet to make its findings public. The domain name for Panix was reportedly ...