Some .tk domains, including tcl.tk and tclers.tk, which host the development of the programming language Tcl, were hijacked yesterday and now redirect to a BitTorrent tracker. Both tcl.tk and tclers.tk, though owned by different accounts, had their domain delegation changed to point to a server that is under the control of the attackers. The owner of the tclers.tk account has confirmed that he can no longer access his customer account using his credentials nor reset the password for the account. Based on the tclers.tk case a brute force attack against the passwords seems unlikely. The tclers.tk account was still accessible by the owner earlier in the day, so a session stealing vulnerability on dot.tk is possible. The public WHOIS information of the affected domains has not changed so far.The following high-traffic (per Alexa) .tk domains currently resolve to the IP address of server mentioned above: http://pastebin.com/PLh2amVx. DotTk has not made any announcements regarding the situation yet.