The Case of the Stolen Domain Names

Avatar of Chris Coyier
Chris Coyier on

Back in 2011, the domain name for this site,, was stolen. “Domain Hijacking,” they call it. It wasn’t just this site, but around 12 others in the design and development space. To this day, none of us really know how it happened and who was behind it, although I believe all the domains are back to their original owners now.

The registrants involved varied, so even that wasn’t a common thread. My best guess was that the bad guys got access to my email but deleted all trace of emails related to domain transfers. Or it was an inside job.

One odd thing about it, for me, was that they never got around to changing any DNS information even though domain name itself was stolen. So the site remained up and I had access to it the whole time. I blogged about it in real time and then again once it was safe.

No amount of backups in the world can save you from a domain name getting stolen. If the DNS, which you no longer control, is changed away from your current hosting, that’s it, it’s gone and it isn’t coming back until you reassert control over that domain name and re-point the DNS.

Another site that was affected was David Walsh’s site. David got it worse because he actually lost access for a while, and got a ransom email like I never did. David’s domain registrar was, and they were the ones who fought on his behalf to get it back. They produced a cool little video about it all:

An especially vile twist to all this was the fact that the domains weren’t just transferred away from one domain registrar to another, but they made three “hops” through different registrants. The whole purpose of that is to make it especially hard to ever get back.

In my case, my domain registrant was GoDaddy, and the story is remarkably similar to David’s. They had to go to war with the situation and get the domain transferred back to them, back through all the hops. I remain grateful to GoDaddy to this day for how they were willing to fight that war, and especially grateful that they won, although I do still remain curious how it happened. These days all my domains remain on GoDaddy, and especially has just about every lock you can possibly put on the dang thing.

David got his back because literally called up the bad guy and apparently applied enough threats that the bad guy himself transferred it back. I believe mine was more of a company-to-company affair.

I feel especially bad for people this happens to who don’t have the ability to make as big of a stink about it as David and I did. Without using Twitter to, as David put it, “put pressure on” (he had a hashtag and everything), he might not have gotten fires that were hot enough and under the right butts to get it done. As we can see with the video above, a good outcome on something like this is good marketing; and a bad outcome is, well, exactly the opposite.

Just three years after that saga went down, my website host was compromised, and that was another whole saga. (I don’t think it was related, but who knows.) The bad guy in that story went by the name Earl Drudge and we even interviewed him on ShopTalk Show.