Bad fail for Dell. They forgot to renew an Internet domain used for data recovery. A squatter grabbed the domain and immediately started delivering malware. It took Dell a month to get the domain back in control.
Brian Krebs has uncovered this case here, that may damage customers trust in Dell. But what the matter?
According to Krebs, the Dell Backup and Recovery Application program is installed on virtually all Dell computers. The program is designed to help customers restore their data and computers to their original factory defaults. This is very helpful in case of a problem with the device.
The backup and recovery program periodically checks a feasy to remember domain name DellBackupandRecoveryCloudStorage[.]com, which until recently was of central importance for Dell’s customer data backup, recovery and cloud storage solutions.
The program is described by the company as “a secure, simple and reliable backup and recovery solution” that “can protect your system (operating system, applications, drivers, settings) and data (music, photos, videos, documents and other important files) from data loss”.
Forgotten re-registration of the domain
Dell has probably forgotten to register or renew this domain name, which many sold PCs use for new installations of their operating systems. A squatter has noticed this, and grabbed the domain dellbackupandrecoverycloudstorage[dot]com. The new domain owner is accused of abusing this domain to spread malware.
Background: The domain was probably operated by a Dell subcontractor on behalf of the company – a not uncommon practice. At some point this summer, the domain was suddenly out of Dell’s or the contractor’s control, and was in the hands of third parties for a month.
Krebs writes that Dell’s subcontractor has regained control of the domain. No major malware infections seem to have been reported. But the damage to Dell’s trust level is now likely damaged. (via)