Why did Microsoft win the auctioned 'corp.com' domain for about 200 million yen?
In February 2020, Microsoft won the domain of 'corp.com', which was auctioned at a minimum price of $ 1.7 million (about 185 million yen). At first glance, Brian Krebs, a cybercrime expert, reports why he got `` corp.com '', a domain that seems to have nothing to do with Microsoft, with a lot of money .
Microsoft Buys Corp.com So Bad Guys Can't — Krebs on Security
Around 1994, Mike O'Connor, a resident of the United States, was buying Aota for a domain name that would have value in the future. 'Corp.com' was another domain that Oconer purchased for the future.
However, this 'corp.com' domain was dangerous for PCs with Windows OS connected to the company's private network and
In Microsoft's Active Directory enterprise directory service system, versions such as Windows 2000 used 'corp' as the default Active Directory path.
If an employee of a company that introduced Active Directory and used the default intranet name tried to access “corp” from outside the company who could not connect to the intranet, they would access “corp.com” on the Internet. I will. In addition, data that should be sent to the intranet 'corp' is sent to 'corp.com' on the Internet. This means that 'corp.com' administrators can intercept private communications from PCs that have accidentally accessed 'corp.com'.
According to tests by the United States Department of Homeland Security , hundreds of thousands of computers running Windows OS were able to send corp.com information such as login information to an intranet and access information to shared files on the network. It was revealed that a large amount of confidential information was sent.
Fortunately, Oconnor had been neglecting 'corp.com' since it was purchased, so fortunately the information sent to 'corp.com' did not appear to have been misused. The reason for selling the domain was that O'Connor was old and 'want not to let his children take over the management of' corp.com '.'
It is not clear how much Microsoft has spent on the 'corp.com' bid to protect companies that have built an intranet named 'corp' in Active Directory. Microsoft commented on the case as 'purchased to protect customers.'
Related Posts:
in Security, Posted by darkhorse_log