Latest news of the domain name industry

Recent Posts

ICANN registrar’s domain listed for sale on Sedo

When selecting a domain name registrar there are often clues you can use to determine broadly whether a firm is entirely reliable, but this one is new to me.

Vivid Domains, a small-time, seven-year-old ICANN-accredited registrar, currently has its primary domain, vividdomains.com, listed for sale on Sedo.

It’s listed as a “domain without content” too, which looks even more peculiar.

According to DotAndCo, the company recently relocated from Florida to Grand Cayman.

WebHosting.info notes that, having chugged along for some time with only a few hundred domains under management, Vivid’s registration base has leapt from about 400 to over 1,900 in the last two weeks.

KnujOn’s registrar audit report (pdf), released at ICANN Brussels last week, notes that the anti-spam company was unable to locate a business registration for Vivid.

I’m not suggesting Vivid is dodgy, but these are the kind of clues I would use when deciding whether to give a registrar a wide berth.

Register.com sold at a $65 million loss

Register.com has been acquired by web hosting company Web.com for $135 million, substantially less than the $200 million Vector Capital paid for it five years ago.

Web.com said the acquisition will help it access new small business customers for lead generation, to cross-sell its existing products.

The company’s customer base will increase by over 400% to more than one million customers, Web.com said. The combined firm will have annual revenue of $180 million.

Register.com was one of the first five ICANN-accredited registrars. It failed as a public company, and after years of financial wrangling was finally taken private by Vector in 2005.

Vector specializes in buying up troubled companies and turning them around, but it doesn’t appear to have increased the value of this particular asset over the last five years.

More WordPress attacks at Go Daddy

The Kneber gang has continued its attacks on Go Daddy this week, again targeting hosting customers running self-managed WordPress installations.

Go Daddy said that several hundred accounts were compromised in order to inject malicious code into the PHP scripts.

“The attack injects websites with a fake-antivirus pop-up ad, claiming the visitor’s computer is infected,” Go Daddy security manager Scott Gerlach blogged.

According to the alarmists-in-chief over at WPSecurityLock, the attacks place a link to a script hosted on cloudisthebestnow.com, a domain registered by “Hilary Kneber”.

The script attempts to install bot software on visitors’ machines.

As I’ve written before, the Kneber botnet has been running since at least December 2009. It generally hosts its malware on domains registered with ICANN-accredited BizCN.com, a Chinese registrar.

Go Daddy said it has contacted the registrar to get the domain yanked. It may have been successfully killed already, but I’m too much of a little girl to check manually.

I must confess, as somebody with a number of WordPress installations on Go Daddy servers, it makes me a little nervous that these attacks are now well into their second month and I still don’t know whether I should be worried or not.

Go Daddy launches paid YouTube clone

Go Daddy has opened the doors of Video.me, a video-hosting service with a difference.

The difference is you have to pay for it.

The company seems to be banking on the idea that users will be happy to hand over $2 per month, rather than use YouTube for free, because Video.me has simpler password protection.

“People want privacy online, it’s obvious from the all of the recent news,” chief executive Bob Parsons said in a press release. “YouTube has been the place for mass-consumption videos, but for sharing more personal items, it’s way too complicated.”

Most of the recent news about online privacy has been focused on Facebook. I don’t think I’ve seen many people complaining about YouTube.

Still, at the very least the service is a high-profile use of a .me domains, which could help Go Daddy as a partner in Domen, the Montenegro-based .me registry.

Google blocks Go Daddy for ‘hosting malware’

(UPDATED) Google is currently blocking Go Daddy’s web site, calling it dangerous, because one of its image-hosting domains has been flagged for hosting malware.

Chrome users visiting pages on godaddy.com, including its storefront, currently see the standard Google alert page: “Warning: Visiting this site may harm your computer!”

Go Daddy’s main page seems to be affected because it uses images hosted at img5.wsimg.com, a Go Daddy domain.

A bit of a poke around reveals that the whole of wsimg.com is currently considered a malware site by Google’s toolbar on non-Chrome browsers, and also by the Google search engine.

The question is, of course, whether this is a simple false positive or whether bad guys have somehow managed to inject malware onto Go Daddy’s servers.

Go Daddy’s web site takes revenue in the six figures every hour, so if this is a false positive I can only imagine the content of the phone calls between Scottsdale and Mountain View right now.

But Go Daddy has been a target for the bad guys in recent weeks, with attacks against its hosting customers proving an irritant that the company can’t seem to shake off.

The company was also the victim of a phishing attack yesterday. I’d be surprised if the two incidents are connected.

UPDATE: Warren Adelman, Go Daddy’s chief operating officer, just called to say that this was indeed a false positive.

“Google erroneously flagged some of our image servers,” he said. “We need to go into this with Google, but there wasn’t any malware on our end.”

Adelman said Go Daddy has a pretty good idea what happened, but that it proved hard to get hold of the relevant people at Google on a Sunday morning during Memorial Day weekend.

Further details may be forthcoming later this week. For now, Google has apparently unflagged the servers in question, and Adelman expects the situation to be resolved within the hour.