GoDaddy Deletes SecLists at the Behest of MySpace

At the alleged request of MySpace.com, Internet Service Provider GoDaddy.com shut down a popular hacking website this week, arousing fiery accusations.

MySpace logged a complaint with domain name registrar GoDaddy about a website involved with security-related issues. The website included a collection of MySpace usernames and passwords in its archives. On receiving the complaint, GoDaddy pulled down the Seclists.org that comprises 250,000 pages.

GoDaddy hosts nearly 18 million domains for its customers. Owner of Seclists.org, Fyodor Vaskovich said GoDaddy shut down his site without prior notice. The ISP completely erased his domain name making the site unreachable for approximately seven hours on January 24, 2007. When Vaskovich came to know what was happening, he took away the password list.

Although GoDaddy ultimately restored the site and kicked off the site's service again, Vaskovich criticized the ISP sharply for acting hastily and not giving Vaskovich time to do the removal of the post himself.

Vaskovich wrote on his Web site that instead of asking him to remove the password list, MySpace decided to tell GoDaddy to pull away the whole site of 250,000 pages just because they didn't like one of them. GoDaddy responded rather cowardly and lazily, he wrote, by simply closing down the site rather than launching an investigation or giving Vaskovich an opportunity to comply with the complaint.

The list had been active on the Internet for nine days by when MySpace and GoDaddy deleted the domain. The list could be found through a Google search, and many malevolent people have it already.

Defending the ISP's decision for deletion, GoDaddy general counsel Christine Jones said that the registrant was not available for a discussion. At the same time it was necessary to protect the MySapce users from possible revelation of their personal information, so they erased the site.

This is the second instance of MySpace having to chase a list of passwords that slipped by leakage. In 2006, MySpace users were victims of a phishing attack when a file of 34,000 passwords was accessed. The company has since launched many initiatives to better the security of its community.

Related article: Gate Glitch Allows Free Ride to Tokyo Rail Commuters

» SPAMfighter News - 1/30/2007