13 comments

[ 4.6 ms ] story [ 43.0 ms ] thread
Maybe somebody hijacked their DNS?
A whois on craigslist.org shows that it was updated today.
I have a feeling the lesson at the end of this is going to involve setting longer TTLs.
That's a tough one, because in the event of a hijacked domain like this, a lower TTL would also force the "good" settings back faster.
I saw this, too. If you can get a little deeper into cl, ex. boston.cragislist.org/i/apartments or boston.craigslist.org/search/aap, you get a Microsoft Frontpage site with the title "digital gangster for life".
It's struggling to load though -- I don't think the hacker was anywhere near ready for Craigslist levels of traffic.
Looks like it is redirecting to "digitalgangster(dot)com) -- Also, DNS shows registrant as "Registrant Name: Steven wynhoff @LulzClerk"
Please change the link to this discussion rather than linking directly to a server that seems to be compromised.
(comment deleted)
Yeah, fair point. It was a legitimate question when I posted this -- the page wasn't loading and some weird text was appearing at the bottom.

Not sure there's a way to remove the link on HN and just make this a discussion, otherwise I would do so.

Repeat after me:

I won't link to sites i suspect being compromised. I won't link to sites i suspect being compromised. I won't link to sites i suspect being compromised. I won't link to sites i suspect being compromised. ...