Latest news of the domain name industry

Recent Posts

Israeli registrar denies “arms dealer” claims

Kevin Murphy, July 28, 2020, 20:10:36 (UTC), Domain Registrars

Israeli registrar GalComm has denied being involved in a widespread malware distribution scheme after being fingered by a security outfit.

Last month Awake Security accused the registrar, officially Communigal Communication Ltd, of being “at best complicit in malicious activity”.

The firm published a report entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars” which linked GalComm to a network of malicious Chrome browser extensions the firm said can steal sensitive data from users who have them installed.

It identified 111 such plug-ins, which it said have been downloaded 33 million times, using over 15,000 domains registered via GalComm.

GalComm has around 48,000 domains registered in gTLDs at the last count, so that’s a sizable percentage of the registrar’s business.

Awake came to the conclusion that GalComm was well-aware of what its customers were up to.

Now, the registrar has sent a cease-and-desist notice to Awake, CC’d to ICANN (pdf), in which it denies all knowledge and responsibility for the malware.

GalComm’s line, to summarize, is that it’s just a registrar, and that it has no obligation to monitor how its customers use their domains.

It adds that the domains in question amount to 10% of its DUM. Still a pretty big chunk.

The company wants Awake to retract its report by today, which it has not yet done, or it will call in the lawyers.

Tagged: , , , ,

Comments (5)

  1. Namesilo was doing the exact same thing for some time with

    They zero-click parked it with parkingcrew.

    I called them out, then they changed it back.

  2. NameSilo says:


    This was a simple bug on our end where the domain ended up in our internal pool of domains and was auto changed to the parking logic. The accusation that we would change this page to a parking page on purpose is baseless and nonsensical.

Add Your Comment