An individual at DigitalEagle’s Digital Marketing Agency, based out of Australia, was able to purchase the rights to the domain “scottmorrison.com.au”, which hosted the official website of Scott Morrison, the current Prime Minister of Australia. The individual purchased the rights to the domain at an auction for expiring domains for fifty US dollars.
After purchasing the domain, the individual created a fresh WordPress site hosted on it and posted humorous content poking fun at the prime minister, including references to the song “Scotty Doesn’t Know” from the 2004 film Eurotrip.
It appears that the new website was up for two days, from October 18th to October 20th, and went viral, receiving over 340,000 visitors. The individual who hijacked the site blogged about the experience and detailed alternate scenarios that could have ensued if a malicious attacker had taken control of the domain. These could have included using the domain to phish for sensitive information, receiving sensitive emails, or continuing to maintain the site and delivering fake content regarding the political opinions of the PM. After two days, the hijacker gladly gave back the domain, and the original website has since been restored. No crimes appear to have been committed in this particular situation and no arrests have been made.
Proficio Threat Intelligence Recommendations:
- Validate that a procedure is in place to renew domains owned by the organization.
- Have a monitoring solution in place to look for major content changes to hosted websites.
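
One way to back the renewal procedure with an automated check, as an added example that is not part of the original advisory: the Python below audits a domain inventory from RDAP-style domain objects (RFC 9083) that are assumed to have been fetched already. The function names, the 60-day warning window and the sample records are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# RDAP status values (RFC 8056) showing the registration has already lapsed.
LAPSED_STATUSES = {"redemption period", "pending delete"}

def expiration_date(record):
    """Return the 'expiration' event of an RDAP domain object, or None."""
    for event in record.get("events", []):
        if event.get("eventAction") == "expiration":
            parsed = datetime.fromisoformat(event["eventDate"].replace("Z", "+00:00"))
            # Assumption: a timestamp without an offset is UTC.
            return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)
    return None

def audit_domains(records, now, warn_days=60):
    """Classify each domain as OK, EXPIRING, LAPSED or UNKNOWN."""
    findings = {}
    for record in records:
        name = record["ldhName"].lower()
        expires = expiration_date(record)
        statuses = {s.lower() for s in record.get("status", [])}
        if statuses & LAPSED_STATUSES or (expires and expires <= now):
            findings[name] = "LAPSED"      # can be lost at a drop auction
        elif expires is None:
            findings[name] = "UNKNOWN"     # no expiry data: investigate manually
        elif expires - now <= timedelta(days=warn_days):
            findings[name] = "EXPIRING"    # renew now, confirm the billing contact
        else:
            findings[name] = "OK"
    return findings

# Constructed sample inventory; not data from a real registry.
SAMPLE_NOW = datetime(2030, 1, 1, tzinfo=timezone.utc)
SAMPLE_RECORDS = [
    {"ldhName": "example.com.au", "status": ["active"],
     "events": [{"eventAction": "expiration", "eventDate": "2031-06-01T00:00:00Z"}]},
    {"ldhName": "campaign.example", "status": ["active"],
     "events": [{"eventAction": "expiration", "eventDate": "2030-01-20T00:00:00Z"}]},
    {"ldhName": "old-brand.example", "status": ["redemption period"],
     "events": [{"eventAction": "expiration", "eventDate": "2029-12-15T00:00:00Z"}]},
    {"ldhName": "legacy.example", "status": ["active"], "events": []},
]

if __name__ == "__main__":
    for domain, state in audit_domains(SAMPLE_RECORDS, SAMPLE_NOW).items():
        print(f"{state:9} {domain}")
```

Domains reported as UNKNOWN matter as much as those reported as EXPIRING: an inventory entry with no expiry data is one that no renewal procedure is tracking.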