Skip to content
Naked Security Naked Security

The mystery of the missing Perl website

A long-running domain supporting the popular programming language Perl has suddenly vanished. We don't yet know how or why.

If you’re a user of the venerable, powerful and popular open source programming language Perl, you’ll almost certainly have visited its official website at some point, at: https://perl.org.

You may very well also have visited its sister site perl.com, which until very recently looked like this:

Main page of perl.com on 2021-01-25, according to Wayback Machine (web.archive.org)

The About page of perl.com used to introduce the website as follows:

About page of perl.com on 2020-10-25, according to Wayback Machine (web.archive.org)

Well, be careful out there, folks!

It looks as though the perl.com domain has been taken over, though by whom is hard to say, given that the domain registration is now hidden behind a DNS privacy-guarding proxy.

The website is currently [2021-01-29] no longer accessible at all via HTTPS, and when visited via HTTP just sets a few tracking cookies, fetches some Javascript, and renders as a blank page:

Redirected perl.com site visited directly (and insecurely) on 2021-01-29.

The domain name registration was last updated two days ago, and is now valid for 10 more years from that date:

Domain Name: perl.com
Registry Domain ID: 432086_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.rrpproxy.net
Registrar URL: http://www.key-systems.net
Updated Date: 2021-01-27T12:43:15Z
Creation Date: 1994-08-16T04:00:00Z
Registrar Registration Expiration Date: 2031-01-26T15:26:42Z
Registrar: Key-Systems GmbH
[...]
Registry Registrant ID: REDACTED FOR PRIVACY
Registrant Name: REDACTED FOR PRIVACY  
Registrant Organization: REDACTED FOR PRIVACY
[...]
Registrant City: REDACTED FOR PRIVACY
Registrant State/Province: Chisinau
Registrant Postal Code: REDACTED FOR PRIVACY
Registrant Country: MD [Moldova]
[...]
Admin Name: REDACTED FOR PRIVACY  
Admin Organization: REDACTED FOR PRIVACY
[...]
Admin City: REDACTED FOR PRIVACY
Admin State/Province: REDACTED FOR PRIVACY
Admin Postal Code: REDACTED FOR PRIVACY
Admin Country: REDACTED FOR PRIVACY

Our chums over at The Register examined the now-dysfunctional domain yesterday [2021-01-28], and noted that name service (DNS) lookup for perl.com was being handled by domain name brokers Afternic, whom El Reg spotted were themselves offering perl.com for sale for a lofty price of $190,000.

Today [2021-01-29], the name servers show up as follows:

$ dig @9.9.9.9 perl.com ns
[...]
;; QUESTION SECTION:
;perl.com.			IN	NS

;; ANSWER SECTION:
perl.com.		3600	IN	NS	ns2.namefind.com.
perl.com.		3600	IN	NS	ns1.namefind.com.
[...]

Right now, neither Namefind nor Afternic seems to be trying to sell off the perl.com name, though at either of those sites you can pick up perly for $9999, perlsite for $4999, or perlmagic for just $2499.

Quite what happened to the perl.com domain name we don’t yet know.

However, The Register insists, on what it says is good authority, that until just before this latest change, the domain’s contact details were listed publicly, with the admin of the domain given as well-known Perl luminary Tom Christiansen.

Whether the original registrants will be able to recover this domain remains to be seen (it certainly seems that they did not intend to dispose of it), but we do know that whoever currently controls it now has it registered for a further decade.

So, if you’re a Perl fan, we recommend you steer clear of the perl.com domain unless and until the All Clear is sounded on it.

Although it looks blank and mostly harmless today, and although the HTTPS version of the site is not working at all right now, who knows what content might show up there in the future?


9 Comments

perls domain got stolen. Probably due to low grade protections on the authentication on their former registrar’s account.

Probably? Or just “possibly”? I think that if you want to say it’s a “probable” cause then you need to have some evidence…

Registry Data
perl.com
No whois information found. We are not the registrar of record for this domain name.

Errrrr, the output in the article is what I got from doing “whois perl.com”. It looks as though you have used a specific registrar’s website to look it up, rather than a generic “whois” query.

Perl NOC (log DOT perl DOT org) says:
Wednesday, January 27, 2021
perl DOT com hijacked
The perl DOT com domain was hijacked this morning, and is currently pointing to a parking site. Work is ongoing to attempt to recover it.

Update 2021.01.28:
Work is underway to attempt to recover the domain. If you’re looking for the content, you can visit perldotcom DOT perl DOT org.

Hahahaha, I like that workaround, although it is hard to say :-) Perldotcom (say it out in one breath) {short pause} dot-perl-dot-org.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?