[German]Microsoft has acquired the domain Corp.com as a precautionary measure. The goal is to prevent the domain from being used by malicious parties to steal Windows credentials, monitor customer traffic, or deliver malicious files.
The previous owner of the domain was investor Mike O’Connor, who has held it for 26 years. In recent years, O’Connor has been reluctant to sell the domain due to the risk of abuse by malicious parties.
Bleeping Computer now reports here, that Microsoft has acquired the domain. The background: Microsoft has in the past recommended companies to use “CORP” as the name of their Activ Directory domains when configuring a new Windows network.
However, as DNS and Internet domains became more and more tightly integrated with Windows domains, the problems began. The Windows domains that use CORP suddenly got DNS name collisions with the real corp.com Internet domain if they were not configured properly. Windows sometimes tried to connect to the corp.com Internet domain instead of the Windows domain when accessing resources such as network shares, logins and printers – writes Bleeping Computer.
Microsoft buys corp.com
According to Brian Krebs, when O’Conner put corp.com up for sale for $1.7 million, he hoped Microsoft would buy the domain to protect its customers, rather than cybercriminals or government-sponsored hacker groups who would use it for malicious purposes. Now Krebs reports, that Microsoft has agreed to buy the domain from O’Conner at an undisclosed price. In a statement Microsoft writes:
To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names. We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the Corp.com domain
As part of its commitment to customer security, Microsoft has acquired Domain Corp.com. Although Microsoft now owns the domain, it should be noted that these DNS name collisions can still occur. Administrators should migrate Windows domains to domain names that belong to the company whenever possible to avoid these types of DNS name collisions in the future.