Corp.com, the potentially “most dangerous domain name in the world” that could be the source of corporate data leakage, was put up for auction. The initial price of the lot is $1.7 million.
The first businessman who got corp.com was Mike O’Connor. In the mid-1990s, the investor founded his own Internet service provider (Go-fast.net), which registered such “site names” as bar.com, pub.com and place.com. Subsequently, these addresses, he said, were sold for “very large” amounts.
However, corp.com, considering it to be his most valuable asset, O’Connor has so far refused to sell. This domain may seem harmless, writes Krebs On Security, but in reality, its owner will be able to connect to an “endless stream of confidential information” by receiving email addresses, passwords and other data from major companies around the world.
It’s all about the features of early versions of Windows (for example, Windows 2000 Server), which uses Active Directory to compare computers connected to one internal corporate network. By default, this service refers to the corp domain, which poses no threat if the computer is on a local network. However, if the computer is online, the Active Directory connects to a third-party server that is referred to corp.com and ‘leaks’ sensitive data to it.
“This problem is known as ‘namespace collision’ – a situation where domain names that were intended to be used exclusively on a company’s internal network eventually intersect with domains that are on the public Internet,” explained computer security researcher Brian Krebs. Few companies have changed the Active Directory default settings, however. As a result, when you get corp.com, its owner will be able to redirect the flow of information to his server.
O’Connor expressed his hope that corp.com would be bought out by Microsoft. Otherwise, the domain could go to cybercriminals interested in stealing corporate information.