
Tell HN: Some .tk domains have been hijacked - networked
Some .tk domains, including tcl.tk and tclers.tk, which host the development of the programming language Tcl, were hijacked yesterday and now redirect to a BitTorrent tracker. Both tcl.tk and tclers.tk, though owned by different accounts, had their domain delegation changed to point to a server that is under the control of the attackers. The owner of the tclers.tk account has confirmed that he can no longer access his customer account using his credentials nor reset the password for the account. Based on the tclers.tk case a brute force attack against the passwords seems unlikely. The tclers.tk account was still accessible by the owner earlier in the day, so a session stealing vulnerability on dot.tk is possible. The public WHOIS information of the affected domains has not changed so far.<p>The following high-traffic (per Alexa) .tk domains currently resolve to the IP address of server mentioned above: http:&#x2F;&#x2F;pastebin.com&#x2F;PLh2amVx. DotTk has not made any announcements regarding the situation yet.
======
kennykb
Since the situation is unlikely to be resolved quickly enough to satisfy, the
Tcl Community Association has obtained new domain names wiki.tcl-lang.org,
core.tcl-lang.org, and www.tcl-lang.org that designate the same hosts that
wiki.tcl.tk, core.tcl.tk and www.tcl.tk, respectively, had designated. It is
intended that both name registrations will be maintained in the future,
provided of course that control of the .tk names can be recovered.

~~~
qewrffewqwfqew
In clickable form:

[http://wiki.tcl-lang.org/](http://wiki.tcl-lang.org/) (also
[https://tcl.wiki/](https://tcl.wiki/) )

[https://tcl-lang.org/](https://tcl-lang.org/)

[http://core.tcl-lang.org/](http://core.tcl-lang.org/)

------
networked
The credit for the information in the post goes to Reinhard Max and Pixelz
from the Tcl Chatroom.

------
rmax
tcl.tk has meanwhile been restored, but the account for tclers.tk is still
unaccessible.

~~~
rmax
Now it is gone again. Looks like the registry only restored the account of the
owner of tcl.tk, but didn't close the security hole that allowed the hijacking
at first place.

