Latest news of the domain name industry

Recent Posts

CentralNic spends $3.3 million on .com portfolios

Kevin Murphy, January 9, 2018, Domain Sales

CentralNic has splashed out £2.5 million ($3.3 million) to bolster its portfolio of domain names for the secondary market.

The company said in a brief statement today that it acquired an unspecified number of domains across “a number of portfolios”. The sellers were not disclosed.

The names were all in .com.

CEO Ben Crawford said the names were acquired “at an attractive discount to current market rates”.

The deals mean London-listed CentralNic might be able to continue to prop up its recurring revenue (registry/registrar) numbers through the sale of premium names, something it still needs to do if it wants to show investors a pleasing growth curve.

That’s assuming it can sell the names at a profit, of course.

Some call this the premium domain “hamster wheel”.

Comment Tagged: , ,

SpamHaus ranks most-botted TLDs and registrars

Kevin Murphy, January 9, 2018, Domain Registrars

Namecheap and Uniregistry have emerged as two of the most-abused domain name companies, using statistics on botnet command and control centers released by SpamHaus this week.

SpamHaus data shows that over a quarter of all botnet C&Cs found during the year were using NameCheap as their registrar.

It also shows that almost 1% of domains registered in Uniregistry’s .click are used as C&Cs.

The spam-fighting outfit said it discovered “almost 50,000” domains in 2017 that were registered for the purpose of controlling botnets.

Comparable data for 2016 was not published a year ago, but if you go back a few years, SpamHaus reported that there were just 3,793 such domains in 2014.

Neither number includes compromised domains or free subdomains.

The TLD with the most botnet abuse was of course .com, with 14,218 domains used as C&C servers. It was followed by Directi’s .pw (8,587) and Afilias’ .info (3,707).

When taking into account the relative size of the TLDs, SpamHaus fingered Russian ccTLD .ru as the “most heavily abused” TLD, but its numbers don’t ring true to me.

With 1,370 botnet controllers and about five and a half million domains, .ru’s abused domains would be around 0.03%.

But if you look at .click, with 1,256 botnet C&Cs and 131,000 domains (as of September), that number is very close to 1%. When it comes to botnets, that’s a high number.

In fact, using SpamHaus numbers and September registry reports of total domains under management, it seems that .work, .space, .website, .top, .pro, .biz, .info, .xyz, .bid and .online all have higher levels of botnet abuse than .ru, though in absolute numbers some have fewer abused domains.

In terms of registrars, Namecheap was the runaway loser, with a whopping 11,878 domains used to control botnets.

While SpamHaus acknowledges that the size of the registrar has a bearing on abuse levels, it’s worth noting that GoDaddy — by far the biggest registrar, but well-staffed with over-zealous abuse guys — does not even feature on the top 20 list here.

SpamHaus wrote:

While the total numbers of botnet domains at the registrar might appear large, the registrar does not necessarily support cybercriminals. Registrars simply can’t detect all fraudulent registrations or registrations of domains for criminal use before those domains go live. The “life span” of criminal domains on legitimate, well-run, registrars tends to be quite short.

However, other much smaller registrars that you might never have heard of (like Shinjiru or WebNic) appear on this same list. Several of these registrars have an extremely high proportion of cybercrime domains registered through them. Like ISPs with high numbers of botnet controllers, these registrars usually have no or limited abuse staff, poor abuse detection processes, and some either do not or cannot accept takedown requests except by a legal order from the local government or a local court.

The SpamHaus report, which you can read here, concludes with a call for registries and registrars to take more action to shut down repeat offenders, saying it is “embarrassing” that some registrars allow perpetrators to register domains for abuse over and over and over again.

Comment Tagged: , , , , , ,

Namecheap to bring millions of domains in-house next week

Kevin Murphy, January 5, 2018, Domain Registrars

Namecheap is finally bringing its customer base over to its own ICANN accreditation.

The registrar will next week accept transfer of an estimated 3.2 million .com and .net domains from Enom, following a court ruling forcing Enom owner Tucows to let go of the names.

The migration will happen from January 8 to January 12, Namecheap said in a blog post today.

Namecheap is one of the largest registrars in the industry, but historically it mostly acted as an Enom reseller. Every domain it sold showed up in official reports as an Enom sale.

While it’s been using its own ICANN accreditation to sell gTLD names since around 2015 — and has around four million names on its own credentials — it still had a substantial portion of its customer base on the Enom ticker.

After the two companies’ arrangement came to an end, and Enom was acquired by Tucows, Namecheap decided to also consolidate its .com/.net names under its own accreditation.

After Tucows balked at a bulk transfer, Namecheap sued, and a court ruled in December that Tucows must consent to the transfer.

Now, Namecheap says all .com and .net names registered before January 2017 or transferred in before November 2017 will be migrated.

There may be some downtime as the transition goes through, the company warned.

1 Comment Tagged: , , , , , ,

Get a free ticket to NamesCon here

Kevin Murphy, January 5, 2018, Domain Services

NamesCon, the annual domain name industry conference, runs in Las Vegas at the end of the month, and DI has five free tickets to give away to readers.

The catch: only people who have never been to NamesCon before are eligible. It’s a strictly n00bs-only giveaway.

NamesCon starts January 28 and runs for three days at the Tropicana Hotel in Las Vegas.

Kicking off the show, in surely one of life’s “together at last” moments, Andrew Allemann of Domain Name Wire will sit down for a live interview with David Ellefson, founder of the metal band Megadeth. It’s probably going to be one of those “you had to be there” experiences.

There’s a strong focus on blockchain and cryptocurrency this year, given the interest many domainers are showing in this area as a new investment opportunity.

But the agenda is made up of the usual mix of industry experts discussing themes such as domain investment, web site development, branding, intellectual property and the like.

There’s even a Women In Domaining Dinner, where women can discuss whether it’s worth investing in .makeup and .horse domains, and a Christian Domainers’ Breakfast, where followers of Our Lord can eat bacon in peace and prevaricate on why greed is definitely not as bad as the Bible unambiguously states it is.

It’s usually a pretty good show with a good turn-out. The networking opportunities alone make it worth a trip.

To claim one of the five complimentary conference passes, simply leave a comment on this blog post stating clearly that you want one, and complete this sentence in 10,000 words or fewer:

I want to spend three nights away from my partner in Las Vegas because…

Use a functioning email address or I won’t be able to send you the ticket details.

The first five people to leave a qualifying comment get a ticket each.

It should go without saying that this ticket only gets you into the conference itself. How you get to Vegas and where you sleep when you get there is your problem.

Again, and I can’t stress this enough, if you’ve been to NamesCon before you’re not eligible for this competition. That’s NamesCon’s rule, not mine, so no arguing.

In the unlikely event that all five tickets have gone by the time you read this post, you may want to check out some of my co-conspirators at other domain community blogs, several of which I gather also have tickets to give away today.

14 Comments Tagged: ,

New gTLD to increase prices 10x, add blockchain voting service

Kevin Murphy, January 4, 2018, Domain Registries

The new gTLD .voting is to suffer a steep price increase as its registry bakes a new “e-voting solution” into its offering.

Valuetainment, the Germany-based registry, informed registrars of its decision recently.

While I don’t know the exact figures involved, it appears the annual wholesale cost of a .voting domain will rise more than tenfold.

Currently, the retail price of a .voting domain can range from $60 to $100 per year. After June 1, that price is likely to start around the $600 mark.

But the registry also told registrars it plans to bundle in with each domain an “e-voting solution” in which “votes are anchored in the blockchain”. There would be no additional charge for this service.

This actually smells a bit like innovation, something the new gTLD program has lacked to date but which sometimes scares away registrars that see mainly implementation and support costs.

Steep price increases also have a track record of scaring away registrars, as Uniregistry discovered last year.

I understand the plan is to apply the price increase to renewals for all existing .voting domains, which currently number a little under 1,000.

At the last count, two thirds of .voting domains had been sold via German reseller platform RegistryGate, with GoDaddy a distant second.

Registry representatives have not responded to a request for information about the blockchain-based voting service, so I can’t tell you much more about it other than blockchain-based systems are in vogue right now due to the popularity of speculation in electronic “currencies” such as Bitcoin.

Comment Tagged: , , , , ,