News broke earlier this week that Samsung, the most popular smartphone maker in the world, left millions of customers vulnerable to hackers after it let expire a domain that was used to control a stock app installed on older devices, security researchers say. Tim Helming, Director of Product Managment at DomainTools commented below.
Tim Helming, Director of Product Managment at DomainTools:
“Over the years, researchers have found many instances of expired domains still figuring in live code, which has the potential to give attackers various kinds of dangerous unauthorized access. Considering the low cost of registering domains–I’d guess that Samsung spends more annually on little red coffee stirrers than it would have cost to renew this domain for ten years or more–something like this should never occur because of an intentional decision. If it was a mistake, it highlights the importance of managing domain registrations. In some cases a lapse can be merely embarrassing or inconvenient, but since so many critical systems rely on communications to domains, it’s vital to retain positive control of them.”