A URL used by PC giant Dell to provide support to customers was hijacked for several weeks this summer after the company failed to renew it.
The DellBackupandRecoveryCloudStorage.com domain name is used on virtually all Dell computers to service its Dell Backup and Recovery Application. The service is intended to help users restore their PCs to their factory state, if they have some kind of issue with their PC, as well as to restore their data.
As such, if the domain name were to fall into the wrong hands it could be used to surreptitiously implant malware on unsuspecting users' PCs.
But according to security researcher Brian Krebs, the URL went missing for a month this summer, when it was transferred from the ownership of backup and imaging software company SoftThinks, which runs the service on Dell's behalf.
"From early June to early July 2017, DellBackupandRecoveryCloudStorage.com was the property of Dmitrii Vassilev of 'TeamInternet.com', a company listed in Germany that specializes in selling what appears to be typosquatting traffic. Team Internet also appears to be tied to a domain monetization business called ParkingCrew," explained Krebs.
He adds that "approximately two weeks after Dell's contractor lost control over the domain, the server it was hosted on started showing up in malware alerts" raised by tools from vendors including Rapid7 and Carbon Black, one of which connected the domain to the propagation of ransomware.
However, Krebs' contacts say that they didn't see any attempt to infiltrate PCs with any form of malware, and a Dell spokesperson told Krebs that it had discontinued the Dell Backup and Recovery application in 2016.
The company claimed: "A domain as part of the cloud backup feature for the Dell Backup and Recovery (DBAR) application, www.dellbackupandrecoverycloudstorage.com, expired on June 1, 2017 and was subsequently purchased by a third party.
"The domain reference in the DBAR application was not updated, so DBAR continued to reach out to the domain after it expired. Dell was alerted of this error and it was addressed. Dell discontinued the Dell Backup and Recovery application in 2016."
For Krebs, though, this may tie in with ongoing Dell customer support scams, in which the scammers are able to reel off users' unique Dell service tags as proof of their bona fides.
"How can scammers have all this data if Dell's service and support system isn't compromised… Dell continues to be silent on what may be going on with the service tag scams," wrote Krebs.