By Sean Wolfe
December 13, 2006
Call it a Friday night special.
Over the weekend, South San Francisco-based Blueprint Ventures, backer
of such companies as Airtight Networks, KeyEye Communications, and
Visto, lost their Web site to a hacker, whose modus operandi is to alter
the domain name server pointer, and direct it to porn sites, then await
a ransom to undo those changes.
Now, the company is wrangling with Register.com to get it back.
Bart Schachter, managing director at Blueprint said he wasnt sure how it
had happened. On Friday evening when he left work all was well. Then
over the weekend, his email stopped working. Did Blueprint fail to pay
domain registration fees? No, Mr. Schachter said.
Its like identity fraud. Now we cant even get into the register.com
entry, because they changed all the passwords, he said.
Blueprints former domain now lists Andrew Krukov, presumably a false
name, in Moscow, Russia. The email address for Mr. Krukov leads to a
domain registered in the name of Andy Placid, whose name is attached to
a number of domains - some not fit to reprint here - but including
cellgateinc.com, and treffend.com - a known source of pornography spam.
What weve found is that this guy has done it quite frequently and that
porn seems to be how he gets his ransom. Its not because hes trying to
sell porn, but because its probably offensive to the original owners to
get them to pay, Mr. Schachter said.
Blueprints working on getting its site back, but complains that the
process for getting its site restored is lengthy.
Its probably going to take weeks, which is absurd. Its like someone
stealing a car, and youre pointing to it, you have the papers, but they
wont give it back to you.
The impact to the firm has been significant, as the company is working
in closing two deals before years end.
Its messed with the closing schedulebut the real handicap is to go
without email, he said.
Blueprint Venture has set up a temporary site at
www.blueprintventure.com until the matter is resolved.
Subscribe to InfoSec News