Hacker News new | ask | show | jobs
by ezequiel-garzon 3325 days ago
The registered domain gwea.com: http://www.thedailybeast.com/articles/2017/05/12/stolen-nsa-...

Edit: I'm not so sure now. The whois record seems to suggest recent activity:

   Domain Name: GWEA.COM
   Registrar: 22NET, INC.
   Sponsoring Registrar IANA ID: 1555
   Whois Server: whois.22.cn
   Referral URL: http://www.22.cn
   Name Server: PK3.22.CN
   Name Server: PK4.22.CN
   Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
   Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Updated Date: 18-mar-2017
   Creation Date: 17-mar-1999
   Expiration Date: 17-mar-2018
1 comments
eddyg 3325 days ago
ends with "gwea.com". Big difference.
link
ezequiel-garzon 3325 days ago
At the risk of losing more karma... isn't the domain registered to stop this gwea.com itself?

The hacker, though, didn’t register the gwea.com domain name. On Friday morning, a 22-year-old UK security researcher known online as MalwareTech noticed the address in WannaCry’s code and found that it was still available. “I saw it wasn’t registered and thought, ‘I think I’ll have that,’” he says. He purchased it at NameCheap.com for $10.69, and [...] [1]

If it is, it seems to contradict the whois record.

[1]: http://www.thedailybeast.com/articles/2017/05/12/stolen-nsa-...

link
detaro 3325 days ago
The domain is not gwea.com, it ends in gwea.com. Two paragraphs above your quote in the article:

> a dot-com address consisting of a long string of gobbledygook letters and numbers ending in “gwea.com”

jstoja mentions it above: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com

link
ezequiel-garzon 3325 days ago
My bad, I had misunderstood it completely. Thanks.
link
Om230 3320 days ago
Sir my mobile phone is hage
link