To Hack a domain name, hacker need to get full access to the domain control panel, For that he need to know the information like "domain registrar name" and "administrative email address".
Now to get this information of a targeted domain he uses WHOIS database. As WHOIS database is public, a hacker uses WHOIS tools like
whois.domaintools.com or other which are widely available in internet.
Now hacker gets the information domain registrar name and administrative email address of targeted domain. From here the game starts...
The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it.
Once the hacker gets full access to targeted email account, he will make a visit to domain registrar’s website and click on forgot password in the login page. So that domain registrar will send password reset details to domains administrative email account. As the hacker had full access to administrative email account, he uses the details sent to it and makes a login to the domain control panel.Once he gets access to domain control panel he can do what ever he want to do.
What happens if a Domain name is Hacked:
Now let’s see what happens when a domain name is hacked. To hack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.
If a Domain name is hacked, hacker can transfer the targeted domain name from the original registrant to other by which the real owner losses his domain name.
This is another side of what a hacker can do. For example, if a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (def.com). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (def.com) and not to the original site (abc.com).
In this case the domain name (abc.com) is said to be hacked or hijacked.
Prevention:
1.To prevent a domain from being hacked protect your
administration email account.
2.Another best way to protect your domain is to go for
private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administration email address.
So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but it's really worth for its advantages. Every domain registrar provides an option to go for a private registration, so when you purchase a new domain make sure that you select the private registration option.