Dell forgot to renew PC data recovery domain, so a squatter bought it

Days later it served malware, but the only visible damage was to Dell's reputation

By Simon Sharwood, APAC Editor

Dell forgot to re-register a domain name that many PCs it has sold use to do fresh installs of their operating systems. The act of omission was spotted by a third party who stands accused of using it to spread malware.

The domain in question is www.dellbackupandrecoverycloudstorage.com, which offers anodyne information about Dell's data protection products. The site is also used by an app called the “Dell Backup and Recovery Application”, a program that is bundled with Dell PCs and that the company bills as “a safe, simple, and reliable backup and recovery solution that can protect your system (OS, applications, drivers, settings) and data (music, photos, videos, documents, and other important files) from data loss.”

The program also helps Dell PC owners who want to do a factory reset.

Krebs On Security reports that the domain is administered by a third party, which forgot to re-register it in June 2017.

Enter an alleged typosquatter, who acquired the domain. Not long afterwards, Krebs alleges the domain redirected to sites hosting malware.

Dell confirmed to The Register that it lost control of the domain, in the following statement:

A domain as part of the cloud backup feature for the Dell Backup and Recovery (DBAR) application, www.dellbackupandrecoverycloudstorage.com, expired on June 1, 2017 and was subsequently purchased by a third party. The domain reference in the DBAR application was not updated, so DBAR continued to reach out to the domain after it expired. Dell was alerted of this error and it was addressed.

We do not believe that the Dell Backup and Recovery calls to the URL during the period in question resulted in the transfer of information to or from the site, including the transfer of malware to any user device.

Krebs makes no allegation that malware-slingers attempted to have Dell's application download something nasty, so Dell is probably in the clear. Albeit with plenty of egg on its face. ®
