Browser hijack uses a similar domain name to mine

domain-name hijack

I own the domain gimmeanswers.com unfortunately I've become aware of a browser hijack which uses the gimmeanswers.org (which I don't own) domain as a redirect.

Searches for my legitimate domain name now return a large number of results for this exploit with my .com version attached. As far as I can see the legit dns for my domain is intact and having checked from several remote servers the page I expect to appear, does. So I'm assuming if people with the hijack are being sent to what appears to be my domain then it must be messing with the hosts/dns cache too.

Obviously I have nothing to do with the hijack nor the .org but I've started getting emails from people assuming I do.

Is there anything simple I can do to get the association with my legit name removed from the search results/any advice from someone who has been in a similar situation?


Solution 1:

In addition to what Silviu said, I'd also like to suggest contacting ICANN or the Domain Regisrar about the issue, if you can prove that the domain (gimmeanswers.org) is behind the browser hijack.

A quick whois search for both the .com and .org domains reveal they are both registered at GoDaddy (although you already knew that yours is registered at GoDaddy).

A quick Google search for "gimmeanswers" did give me quite a bit of information about the virus- seems a lot of people are talking about it. Maybe you could use that as leverage to get the domain registrar to suspend the domain?

Solution 2:

This is one of those cases in which you wish you would've done what you should have. It's always good practice if you have a (promising) business, to register as many domains as possible in order to protect your company/brand/etc. Also the registrars encourage you to do so, by offering reductions for the same name but different domain (.org, .info, .net, etc).

From another point of view, the attackers might have exploited your site which could now contain malicious code serving malware via drive-by downloads.

A suggestion would be to notice for example Google (for Chrome) and Mozilla (for Firefox) about the malicious website.

Related

Windows firewall logging. Log file is always blank
How to prevent asymmetric routing with multiple eBGP routers?
Zabbix graph of item from different hosts
RabbitMQ Erlang Cookie [closed]
Are there certain specific host file entries that Windows 2008 will ignore for security purposes?
Monitor Outbound DNS (Website) Traffic
Mixing SFP's with different speeds
Full status information in Nagios email notification?
How to prevent IO Load under Linux for Video serving?
Active Directory Domain Name for authentication
How to specify install order for python pip?
In Vim, why doesn't my mouse work past the 220th column?