Metricom's Ricochet.net domain name was allegedly
commandeered by hackers Tuesday, causing emails sent to users of the
company's wireless modems to bounce back to their senders for about 48
hours, the company confirmed.
Visitors to the Ricochet.net Web site also were redirected to a
pornographic site for nearly two days and some incoming emails
continued to bounce back until early yesterday, according to Metricom
executives. Service returned to normal by yesterday afternoon, executives said.
The culprits, who have not been determined, allegedly forged a fake email
address and fooled Net domain name registrar Network Solutions into
redirecting Ricochet.net traffic to another site. Metricom, which used the
least secure of three security features offered by Network Solutions, has
since upgraded to a stronger security service.
The method used in the Metricom hack, often referred to as a "DNS spoof," is fairly common, while the hack itself caps a difficult week for the domain name system (DNS), the technology that directs Internet domain names to their corresponding Internet
Also yesterday, Web hosting firm C I Host had problems with its DNS system, causing outages with as many as 48,000 Web sites. Earlier this week, a Linux programmer thwarted potential problems for Hotmail users by paying a delinquent domain name registration fee.
Metricom executives could not say how many of its 20,000 ISP customers were
affected, but said Web surfing and outbound email functions were not
"They didn't hack into the Ricochet service or into any of our servers," said John Wernke, senior vice president of marketing and sales at Metricom. "The hack was really into the general Internet domain name system."
One of the most notorious DNS
hacks occurred in 1997 when AlterNic, an upstart domain name registration
firm, diverted Web traffic to is own site from the more established InterNic. America Online and even domain name registrar Network Solutions also have been victims, according to Network Solutions spokesman Brian O'Shaughnessy.
"Unfortunately, living in the world that we do, people try to take advantage of the situation," O'Shaughnessy said. "It's an illegal act and it's up to Metricom to pursue it legally."
Metricom's legal department is considering its options and law enforcement
agencies are investigating the situation, Wernke said.
Metricom, a wireless communications company based in Los Gatos, Calif., makes the Ricochet wireless modem, which allows mobile users to connect to the Internet at speeds of up to 28.8 kbps
(kilobits per second). The company is developing a new high-speed network, expected
Stock in the company has traded as high as 104.5 and as low as 4.5 in the
past 52 weeks.
Red Herring Online first reported the Metricom domain name hack.