The ‘Perl.com’ Domain Was Snatched by Malware Distributors

  • Hackers stole a “com” Perl domain that now sits on a malware distribution IP address.
  • The domain was stolen a while back, then moved around to different registrars, and finally set to a blank HTML.
  • The community has moved the site under Perl’s official “org” domain and awaits a resolution.

‘Perl.com,’ a domain that has been used to post topics relevant to the Perl programming language since 1997, has now fallen into the wrong hands. According to multiple reports, the new IP address that the domain is pointing to is associated with past malware distribution campaigns. This development follows a period of weird things concerning its registration.

The problem apparently started back in September 2020, when someone hijacked the domain, but nobody noticed at the time. Several weeks later, on Christmas Day, the new owner moved the domain from Network Solutions to a Chinese registrar.

Finally, on January 27, 2020, a move to Key-Systems was completed. This move was accompanied by a new IP address, so now everyone noticed. Also, the domain now leads to a blank page, and the new owners are trying to sell it for $190,000 through Afternic.

Source: Afternic

The rightful owner of Perl.com, Tom Christiansen, normally had until 2029 to renew the domain, so this is clearly a domain theft case. The registrar shouldn’t be able to delete or move the domain without the owner’s consent, but they can change the nameservers, which is what seems to have happened in this case.

Thankfully, and because legitimate companies are involved, getting the domain back to its rightful owner should be possible, although not free of complications. In the meantime, Perl’s official ‘Perl.org’ website is up and safe to use, while the community of Perl.com has moved to ‘perldotcom.perl.org’ temporarily. Until the original domain is recovered, users are advised to use that domain instead.

The current IP address on Perl.com has been associated with numerous malware distribution campaigns, so the people who snatched the domain acted very targeted and purposefully. The domain is not currently sending out any malicious files, but this could change at any time. So, just avoid visiting it - there’s nothing to see there anyway.

As for who these hackers are, The Register claims to have reliable information about a Moldovan based in Chisinau, including names and email addresses.

REVIEW OVERVIEW

Latest

Proton VPN Gets a Design Refresh & Better Integration With Other Proton Services

Proton VPN gets a new logo, color palette, and subtle changes to its UI.There’s a simpler pricing structure, letting you bundle Proton-branded...

How to Watch That Damn Michael Che Season 2 Online From Anywhere

Did you miss a theme or incident, such as police brutality, unemployment, and romance, and use sketches and vignettes to illustrate what...

How to Watch Look At Me: XXXTENTACION Online From Anywhere – Stream the Jahseh Onfroy Documentary

Look At Me: XXXTENTACION is an upcoming documentary detailing the late artist's monumental come-up and tragic death. We have all the information...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari