dslreports logo
Comcast Domain Hacked
Comcast Network Solutions Account Compromised?

Starting late yesterday, Comcast users began noticing that Comcast.net had been hacked. More technically, early indications are that someone hacked Comcast's registrar account at Network Solutions, changing the authoritative DNS servers for Comcast.net -- rerouting portal visitors to IP addresses in Germany or elsewhere. Where once Comcast's portal sat, users were instead greeted with the following text (see screenshot):

quote:
KRYOGENICS Defiant and EBK RoXed Comcast

sHouTz to VIRUS Warlock elul21 coll1er seven


Click for full size
The problem is impacting user access to the Comcast portal, webmail (obviously) and the official Comcast forums. Though there's no indication that user privacy is jeopardized, you may want to avoid using Comcast webmail until things have been completely cleared up. Comcast tells us they're aware of the problem.

We believe that our registration information at the vendor that registers the Comcast.net domain address was altered, which redirected the site, and is the root cause of today's continued issues as well.
-Comcast Spokesman Charlie Douglas
"We are aware of the problem and working to get this resolved as quickly as possible," says one technician. "Our sincere apologies for any inconvenience this may be causing." According to the tech, Comcast DNS servers have been corrected, but it will take some time for the fix to propagate out to other servers.

"Depending on the TTL for those servers, this could take several hours and in rare cases, longer," he says. Several users tell me that when they called Comcast customer support, they were told that the outage was due to "routine maintenance."

I spoke with Comcast spokesman Charlie Douglas briefly about last night's events.

"Last night users attempting to access Comcast.net were temporarily redirected to another site by an unauthorized person," he says. "While that issue has been resolved and customers have continued to have access to the Internet and email through services like Outlook, some customers are currently not able to access Comcast.net or Webmail." Douglas says that network engineers continue to work on the issue.

"We believe that our registration information at the vendor that registers the Comcast.net domain address was altered, which redirected the site, and is the root cause of today's continued issues as well," he says. "We have alerted law enforcement authorities and are working in conjunction with them."

There's additional user discussion in our forums, where users have been talking about the hack overnight.

Most recommended from 81 comments



Matt3
All noise, no signal.
Premium Member
join:2003-07-20
Jamestown, NC

3 recommendations

Matt3

Premium Member

NetSol Account Password?

I bet it was something easy to guess. My money is on p2psux0rz!