Update 16 DEC: With the recent announcement of yet another Yahoo! breach, this time in 2013, I fully expect that the information below applies to data from 2013 as well, and no longer only to the 2014 breach.
Following on from my previous blog post, I decided to give more attention to the domains aspect of the Yahoo! data leak.
Side Note: This blog post is not intended to discourage or force anyone to stop using Yahoo! services. Like any other provider, Yahoo! maintains a high level of security and complies with international laws and best practices. However, this article does address the issue of data having been leaked in 2014, which has been confirmed by Yahoo!, and tries to provide more insight into persons possibly affected by the leak.
As articles like the one on CNN Money state, many people may have Yahoo! accounts without even knowing it. A prime example is the email hosting that Yahoo! offers via their business email services. This gives you your own email address, while Yahoo! manages all the back-end work.
Similar to how Google allows you to host your domain with Google Apps, Yahoo! allows you to host your domain, and thus email and other services, with them. What this means, of course, is that the login account Yahoo! kept in its database for your “custom” domain was also stolen in the leak.
I decided to do an analysis to see what domains are hosting their services with Yahoo!. The best way for me to achieve this, as someone who loves password cracking, was to use a wordlist of domains – and compare their MX records to see who they host their email with.
My research led me to believe that Yahoo! services for email would point to an MX record like one of those below:
- am0.yahoodns.net
- mx-biz.mail.am0.yahoodns.net.
(* Thanks to Royce Williams (@TychoTithonus on Twitter) for the addition of a large number of domains we added to our Checker.)
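The MX comparison described above, as an added example (not the checker used for this post): it parses `dig`-style MX answers, flags domains whose mail exchanger sits under `yahoodns.net`, and tallies the hits per TLD. The sample domains, function names and the `primary_only` option are assumptions made for illustration.

```python
import re
from collections import Counter

# Suffix taken from the MX hosts listed in the post.
YAHOO_MX_SUFFIX = "yahoodns.net"

# Constructed sample in the shape of `dig +noall +answer MX <domain>` output.
SAMPLE_ANSWERS = """\
example-shop.com.    1800 IN MX 1 mx-biz.mail.am0.yahoodns.net.
example-law.org.     300  IN MX 10 MX-BIZ.MAIL.AM0.YAHOODNS.NET.
example-mixed.net.   300  IN MX 10 mail.example-mixed.net.
example-mixed.net.   300  IN MX 20 mx-biz.mail.am0.yahoodns.net.
example-other.com.   300  IN MX 5 aspmx.l.google.com.
example-decoy.com.   300  IN MX 5 mx.notyahoodns.net.
example-null.co.za.  300  IN MX 0 .
"""

MX_LINE = re.compile(r"^(\S+)\s+\d+\s+IN\s+MX\s+(\d+)\s+(\S+)\s*$", re.I)

def normalise(name):
    # DNS names are case-insensitive and may carry a trailing root dot.
    return name.rstrip(".").lower()

def parse_mx(text):
    """Return {domain: [(preference, exchange), ...]} from dig-style answer lines."""
    records = {}
    for line in text.splitlines():
        m = MX_LINE.match(line.strip())
        if m:
            owner, pref, exch = m.groups()
            records.setdefault(normalise(owner), []).append((int(pref), normalise(exch)))
    return records

def is_yahoo_mx(exchange):
    # Match on a label boundary so "notyahoodns.net" is not counted.
    return exchange == YAHOO_MX_SUFFIX or exchange.endswith("." + YAHOO_MX_SUFFIX)

def yahoo_hosted(records, primary_only=True):
    """Domains delivering mail to Yahoo!; by default only the lowest-preference MX counts."""
    hits = []
    for domain, mxs in sorted(records.items()):
        if primary_only:
            best = min(p for p, _ in mxs)
            mxs = [r for r in mxs if r[0] == best]
        if any(is_yahoo_mx(e) for _, e in mxs):
            hits.append(domain)
    return hits

def tld_counts(domains):
    # Tally by last label, the way the per-TLD figures are grouped.
    return Counter(d.rsplit(".", 1)[-1] for d in domains)
```

Passing `primary_only=False` also counts domains that list a Yahoo! host only as a backup MX, which may still mean an account exists on the Yahoo! side.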
.COM’s accounted for the most – 461 911 domains.
Following that was .NET’s with 44 128 and .ORG’s with 36 150.
Note: Only countries with 10+ domains were counted; there are many more in the 1-10 category.
The USA is in the graph below, as there were too many to include with other countries.
Clearly, the .COM market is Yahoo!’s major driver in hosted domains.
Interesting findings of domains hosted include Churches, Medical Companies, a lot of Legal Firms, Online Stores and Pharma companies.