Website Highjacked by another account (?)

Hello, I have just ran into an issue with my domain name, with which I use Cloudflare. What happened was: I noticed my website is unreachable, so after some troubleshooting I decided to check my Cloudflare account, and I noticed that my domain name is no longer there.

My assumption is this: a competitor of mine (or a malicious person) has kept on creating Cloudflare accounts until they have come across one with the same name servers as my website, from them on they have added my websites domain name to their Cloudflare account, and as it already has the same name servers, it was added to their account and they acquired control over the DNS settings, resulting in my website being down. (as I eliminated all other possible sources of the issue and narrowed it down to Cloudflare).

This is the only logical explanation I could see possible. Please anyone let me know if there are other possibilities to this issue. What I wish to know is if there is a way to lock the domain name into my account so that it could not be “stolen” like that again, or if there is an easier solution to this issue.

Any feedback and advice is welcome, please help me out.

Generally as Far I know , if the website is added already cannot be used or added again isn’t it ?

I just checked the account you are using here and do not see any zones in that account…ever. What is the name of the domain? Check to ensure it has not expired and nameservers changed.

If you add your zone to your account and then remove it and reset the nameservers at the registrar, another person can easily add it to a different Cloudflare account; They just add it and change the nameservers at the registrar.

Means
Hacker can add our website into their account and if the hacker gets the same nameserver (existing nameserver victim using currently) from Cloudflare then the hacker can change the DNS inside the hacker’s Cloudflare Account right ?

The issue is not in this account, I have simply made it to ask for advice while my team is working on my website. It has not expired. The issue was that the DNS settings were changed. What I have described is the only thing that could possibly have happened.

What I need to know is how to make it so it doesn’t happen again. I appreciate your time and answers.

Yes, anyone can add a site, but that does very little in and of itself.

Given the number of unique combinations, it is possible two accounts could have the same two nameservers.

Not if the zone is already active in a different account, background on nameservers here, https://blog.cloudflare.com/whats-the-story-behind-the-names-of-cloudflares-name-servers/.

After the blog, if you have more questions @charles-davies9 start a new topic, the conversation comes up frequently around here.

@mytrick4u

Are you using ezoic by any chance?

Not using ezoic

1 Like

What is the name of the domain?

1 Like

Seems highly unlikely this is what occurred as Cloudflare has specific logic in place to prevent the same nameservers being assigned for an active zone when attempting to add the domain in another account.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.