Latest news of the domain name industry

Namecheap poaches 20,000 domains from Go Daddy

A protest promo launched after Go Daddy CEO Bob Parsons came under fire for shooting an elephant appears to have netted Namecheap about 20,000 domain name transfers.

The company tweeted from its official account last night: “Thank you Namecheap customers, new and old! We have raised $20,433 to savetheelephants.org. We appreciate your support!”

Given Namecheap had offered to donate $1 for every domain transferred using a special $4.99 coupon code, it looks like it received 20,433 transfers over the last week.

Parsons won’t lose any sleep over this. Go Daddy’s domains-under-management figure ticks up by the same amount every five hours.

It may be a more significant amount for Namecheap, which says it has over a million domains under its belt.

UPDATE: As Adam Strong notes in the comments, the 20,000 domains did not necessarily all come from Go Daddy, as the offer was open to anybody.

NetSol to alert cops over domain hijacking

Network Solutions intends to “notify the proper authorities” after a high-profile customer had his account hijacked over the weekend.

Stephen Toulouse, head of policy and enforcement for Microsoft’s Xbox LIVE, lost access to stepto.com, including his web site and email, for several hours yesterday, after a disgruntled teenaged gamer persuaded a member of NetSol’s support staff to hand over the account.

In a statement published on its blog, the domain name registrar said it was an “isolated incident directed at a specific customer account”, adding:

We maintain a well developed processes to ensure that Social Engineering attempts or any identified security concerns are immediately alerted to a Supervisor, who will expedite the investigation, usually with the help of the Network Solutions Security team. In this case, the procedure was not followed, and we apologize for any trouble caused to our customer.

Our Security team continues to investigate this matter. Additionally, because we take this matter very seriously, we intend to notify the proper authorities with the evidence that we have gathered, so that they may investigate the person(s) responsible for the fraud.

According to a new YouTube video released by the person claiming responsibility for the attack, “Predator”, he’s 15. He blamed Toulouse for his frequent Xbox LIVE bannings.

While he said he perpetrated the attack to highlight insecurities in Xbox LIVE, he also offered to hijack other gamers’ accounts for up to $250.

Comments posted in response to his first post-attack video claim to reveal his true identity, but of course comments on YouTube are not what you’d call reliable evidence.

The video itself does reveal a fair bit of information, however, so I can’t imagine tracking him down will be too difficult, especially if Microsoft has his parents’ credit card number on file.

His YouTube channel also has videos of him operating a botnet. That’s a whole lot more serious.

Xbox security chief gets domain hijacked

The head of Xbox Live policy and enforcement at Microsoft has had his domain name compromised by a disgruntled gamer using a social engineering attack on Network Solutions.

Stephen Toulouse, who goes by the screen name “Stepto” and has the domain stepto.com, seems to have also lost his email, hosting and, as a result, his Xbox Live account.

He tweeted earlier today: “Sigh. please be warned. Network solutions has apparently transferred control of Stepto.com to an attacker and will not let me recover it.”

Somebody claiming to be the attacker has uploaded a video to YouTube showing him clicking around Toulouse’s Xbox account, whilst breathlessly describing how he “socialed his hosting company”.

It’s a bit embarrassing for Toulouse. He was head of communications for Microsoft Security Response Center for many years, handling comms during worm outbreaks such as Blaster and Slammer.

Now at Xbox Live, he is, as the attacker put it, “the guy who’s supposed to be keeping us safe”.

But it’s probably going to be much more embarrassing for Network Solutions. When the tech press gets on the story tomorrow, difficult questions about NSI’s security procedures will no doubt be asked.

Toulouse has already made a few pointed remarks about the company on his Twitter feed today.

Social engineering attacks against domain name registrars exploit human, rather than technological, vulnerabilities: the attacker calls up tech support and tries to convince them that he is the victim.

In this case, hijacking the domain seems to have been a means to control Toulouse’s email account, enabling the attacker to reset his Xbox Live password and take over his “gamer tag”.

The same technique was used to compromise the Chinese portal Baidu.com, that time via Register.com, in late 2009. That resulted in a lawsuit, now settled.

The attacker, calling himself Predator, was apparently annoyed that Toulouse had “console banned” him 35 times, whatever that means.

He seems to have left a fair bit of evidence in his wake, and he appears to be North American, so I expect he’ll be quite easy to track down.

Predator’s video, which shows the immediate aftermath of the attack, is embedded below. It may not be entirely safe for work, due to some casually racist language.

UPDATE (April 5): The video has been removed due to a “violation of YouTube’s policy on depiction of harmful activities”. I snagged a copy before it went, so if anybody is desperate to see it, let me know.

Go Daddy CEO catches flak for “elephant snuff film”

Kevin Murphy, March 28, 2011, Domain Registrars

Bob Parsons has come in for criticism for a recent video diary in which he headed to Zimbabwe to hunt elephant.

A petition launched yesterday at Change.org, entitled “Tell Go Daddy’s CEO: Real Men Don’t Kill Elephants” has attracted over 400 signatures.

The petition describes Parsons’ video as “basically a gruesome, 4-minute elephant snuff film”.

You can watch it here, if you can stomach the AC/DC soundtrack, photos of Parsons grinning over the corpse, and the scene where dozens of Zimbabweans (many wearing Go Daddy baseball caps) greedily tear up the elephant’s carcass.

The justification presented in the video is that “problem” elephants have been destroying crops, putting farmers’ livelihoods at risk.

The petitioner says there are better, more humane ways of dealing with the problem.

I expect this kind of PR plays well to the NASCAR crowd. To desk-bound, liberal-elite media, city-boy vegetarians such as myself, less so.

Go Daddy employee class action dismissed

Kevin Murphy, March 25, 2011, Domain Registrars

A class action lawsuit alleging that Go Daddy committed “wage theft”, filed by a disgruntled former call center worker, has been dismissed by an Arizona court.

While the plaintiffs have been given leave to amend their complaint, they’ve parted ways with their lawyers after a disagreement, which suggests the case may be on shaky ground.

I reported on the filing of the suit for The Register last May, and followed it up with a tangential blog post here.

The lead plaintiff, Toby Harris, claims he was fired after just a couple of months as a Go Daddy sales/support call center guy after he questioned why some of his commissions had been withheld.

His manager had apparently rated his work below a certain performance threshold, meaning he lost out on over $1,300 of bonuses in his first month. Harris said this was arbitrary and unfair.

He was then fired after, according to his termination letter, breaking security protocol by failing to sufficiently validate a customer’s identity. Harris said he was fired because he was a “whistleblower”.

Four other former Go Daddy employees are named plaintiffs in the class action, which alleges that by treating commissions as discretionary bonuses, Go Daddy has avoided paying its call center staff legally owed overtime wages.

But a few weeks ago, the judge in the District Court where the case is being heard dismissed the complaint (pdf) on the grounds that it did not assert enough facts to support its claims.

While the judge gave plaintiffs the opportunity to re-file the complaint, their lawyers evidently decided it was not worth it. They withdrew from the case.

Judging by a court filing the lawyers made last week (pdf), and several claims made by Harris on the gripe site NoDaddy.com, it was not an amicable split. Harris now seems to be looking for replacement attorneys to file an amended complaint before time runs out.

The thread on the NoDaddy forum devoted to the class action is extraordinary. Started in May last year, it’s grown to over 1,600 posts, the majority of which are rants written by Harris, often addressing Go Daddy CEO Bob Parsons directly and in personal terms.