web analytics

Email harvesting attack against DomainTools has been patched

ZFBot

DomainTools notified its customers that an email harvesting campaign utilized a flaw in the individual membership email update processes.

The scripting attack did not compromise usernames and passwords, but tested email addresses against a large database of unrelated data dumps, obtained from LinkedIn, Dropbox or other sources.

DomainTools has patched the flaw that allowed this brute force attack to commence.

They are advising DomainTools account holders to change their passwords as a precautionary measure, particularly if they were shared among several services.

domaintoolsThe full message follows:

 Yesterday DomainTools experienced a high volume user email harvesting campaign which abused a flaw in our individual membership email update processes. To the best of our knowledge, no DomainTools customer login and password combinations were compromised by this scripting effort. However, the campaign appears to have correctly matched a few hundred current or historic DomainTools account email addresses. 

We encourage DomainTools account holders to change their passwords as a precautionary security measure. From our investigation it appears the actor used email addresses from prior well-known breaches and ran those against our email update process.

This campaign resulted in the DomainTools website confirming the existence of a limited number of user email addresses in our membership system. From there, the attacker could conceivably attempt login/password combinations sourced from those prior data dumps such as LinkedIn or Dropbox. These large scale data breaches can be researched at discovery sites such as Have I Been Pwned. 

We want to apologize to our account holders for the inconvenience this may cause. The security of our users is paramount and despite what initially seems like very limited exposure we wanted to notify all our current and prior active users of this situation. DomainTools has patched the system in question and implemented additional monitoring for any account abuse stemming from yesterday’s activity. 

Sincerely,  DomainTools.


Facebooktwitterredditpinterestlinkedinmail
Copyright © 2019 DomainGang.com · All Rights Reserved.

Comments

One Response to “Email harvesting attack against DomainTools has been patched”
  1. kd says:

    Thankfully their service is too expensive now. My account is now closed for good. Bye bye after nearly a decade of being a customer.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available