An Amazon employee became owner of Google.com for a few minutes

Sanmay Ved was searching for available .com domains and discovered the availability of Google.com … then he bought it, but something happened …

This story is amazing and difficult to believe …. an individual managed to buy the Google.com domain and now I’ll tell you how.

The guy is Sanmay Ved, a former Google employee that currently works for Amazon. Sanmay Ved was searching for available .com domains when he made a shocking discovery, the Google.com was “available” for purchase.

“A strange thing happened at 1:20 AM Eastern Time on Tuesday, September 29. I was learning more about the Google Domains interface, and typed google.com and clicked search domains. To my surprise, Google.com was showing as available!” explained Ved.

Sanmay Ved, an ex-Google employee and current-Amazon employee, experienced something of a shock when he found that the world’s largest search engine website, Google.com, was “available” for purchase.

How much is it? Just $12 to buy the domain of the search engine giant.

He wary went ahead trying to complete the purchase, certain that it was a mistake. He added the Google.com domain to the shopping cart and completed the payment. The purchase was successfully completed and he and he became the new owner of the domain.

In a few seconds his inbox and Google Webmaster Tools were flooded with webmaster related messages that were confirming the ownership for the Google.com domains, a scary circumstance if we consider that Ved had access to webmaster controls for a minute.

“As soon as I completed purchase, I received two emails, one from sc-noreply@google.com, and one from wmt-noreply@google.com, which is not the norm when you book domains via Google Domains as I have booked new, previously un-registered domains before, and I have never received emails from the above aliases on booking the domains.  I will not share the contents of the emails here given they relate to the Google.com domain. The domain also successfully appeared in my Google Domains order history.

Additionally, my Google Search Console (aka Google Webmaster Tools) was auto-updated with webmaster related messages for the Google.com domain which actually means ownership was transferred to me! One gets the below messages in Search Console only for those domains for which one is the verified admin/verified owner (of course access was removed when domain was taken back by Google).” Ved said. “The scary part was I had access to the webmaster controls for a minute,”

Just a few minutes and the dream vanished, Ved received an order cancellation email and was refunded by Google Domains.

How is it possible? Google owns Google Domains and this means that the company manage all purchases of domains and it could revoke them if needed.

At the time I was writing there are no news regarding the “incident,” someone speculates that Google simply has forgotten to renew the Google.com domain, other believe that there is a bug in Google Domains.

Ved has published a blog post describing the entire story and publishing the screenshots of the process.

Ved reported the incident to Google Security and the company has acknowledged it.

That’s incredible!

Pierluigi Paganini

(Security Affairs – Google.com domain, ownership)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

11 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

15 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

21 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

24 hours ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

TheMoon bot infected 40,000 devices in January and February

A new variant of TheMoon malware infected thousands of outdated small office and home office…

2 days ago

This website uses cookies.