´óÏó´«Ã½

Dell web address grabbed by third party

  • Published
Dell logoImage source, Getty Images
Image caption,

The domain name was checked regularly by software installed as standard on many Dell PCs

A web address used by recovery software on Dell PCs was taken over by a third-party after a contractor apparently failed to renew it.

Dell's software checks in with the domain periodically, so whoever snapped it up could use it to distribute malware.

Security expert and author Brian Krebs - who first reported the issue - .

Dell says no malware was transferred.

Dell's Backup and Recovery Application software is installed by default on many of the firm's PCs and allows users to restore their computers to factory settings, in the event of problems.

The software downloaded updates from dellbackupandrecoverycloudstorage.com.

That web address used to be controlled by US-based tech firm SoftThinks, but was taken over by another party at some point between June and July this year.

"Approximately two weeks after Dell's contractor lost control over the domain, the server it was hosted on started showing up in malware alerts," Mr Krebs said in his blog.

In a statement, Dell admitted it had lost control of the domain name but said the problem had been "addressed".

Dell said: "We do not believe that the Dell Backup and Recovery calls to the URL during the period in question resulted in the transfer of information to or from the site, including the transfer of malware to any user device."

A spokeswoman for Dell said that, on 9 July, the developer of the program bought the domain back from the third party that snapped it up - but she would not confirm how much this cost.

The ´óÏó´«Ã½ has contacted SoftThinks for comment.