A small security firm has singled out eNom as the domain name registrar and web host with the most criminal activity on its network.
HostExploit released a report today claiming the concentration of “badware” on the network belonging to eNom and its soon-to-be-public parent Demand Media is “exceptionally high”.
The claim is based on the proportion of dodgy sites on eNom’s network relative to its size, rather than the actual quantity.
The report says the Demand-owned autonomous system AS21740 has the fifth-highest amount of badware and the sixth-highest number of botnet command and control servers.
It goes on to say that the four or five AS’s with larger amounts of malware are themselves between 10 and 7,500 larger than eNom, as measured by address space.
The report, which I’m guessing HostExploit released to coincide with the hype around Demand Media’s upcoming IPO, draws heavily on existing research, such as this recent KnuJon registrar report (pdf).
It also uses stats from Google-backed StopBadware.org to demonstrate that eNom hosts a disproportionately large number of malware-serving URLs.
According to StopBadware, Go Daddy actually hosts more bad URLs than eNom – 10,797 versus 7,429 – but Go Daddy’s market share is of course over three times larger.
According to WebHosting.info, eNom currently has 9.5 million domains under management, compared to Go Daddy’s 35.2 million.
In Demand Media’s IPO registration statement, filed last Friday, the company acknowledges that it sometimes gets bad publicity but says it’s caught between a rock and a hard place.
We do not monitor or review the appropriateness of the domain names we register for our customers or the content of our network of customer websites, and we have no control over the activities in which our customers engage.
While we have policies in place to terminate domain names if presented with a court order or governmental injunction, we have in the past been publicly criticized for not being more proactive in this area by consumer watchdogs and we may encounter similar criticism in the future. This criticism could harm our reputation.
Conversely, were we to terminate a domain name registration in the absence of legal compulsion, we could be criticized for prematurely and improperly terminating a domain name registered by a customer.