Researchers expose vulnerability in WHOIS protocol through expired .mobi domain experiment, revealing potential internet security risks.

Researchers from WatchTowr Labs identified a vulnerability in the WHOIS protocol by purchasing an expired .mobi domain. They set up a WHOIS server, revealing that numerous systems, including certificate authorities, queried it, potentially undermining internet security. The experiment highlighted flaws in WHOIS’s trust model, suggesting that nation-states could exploit this loophole. The researchers called for urgent modernization of the WHOIS system to enhance security.