Latest news of the domain name industry

Recent Posts

A quarter of registrar’s names are “illicit pharmacies”

Kevin Murphy, January 16, 2015, Domain Services

One in four of the domain names registered with the registrar NetLynx are linked to current, past or potential future rogue drug sites, according to online pharmacy monitor LegitScript.

The Mumbai-based registrar was hit with a breach notice by ICANN Compliance last week, over an alleged failure to investigate an abuse complaint about a single customer domain, tnawsol24h.com.

NetLynx did not adequately respond to ICANN’s calls from November 26 to January 5, according to the notice (pdf).

While ICANN did not identify the source or nature of the complaint, according to LegitScript it was filed by the UK Medicines and Healthcare products Regulatory Agency and it claimed that the domain was being used as a “rogue internet pharmacy”.

LegitScript did some research into NetLynx’s domains under management and now claims that it is not an isolated case.

Company president John Horton blogged:

at least a quarter of the registrar’s business is dependent on rogue Internet pharmacy registrations, with roughly 3,000 of the 12,000 domain names under the registrar’s portfolio taggable as current, past or “holding sites” for illicit online pharmacies.

Horton clarified for DI that the 3,000 number is extrapolated from the fact that LegitScript managed to categorize 1,820 out of the 7,000 NetLynx domains it could find as problematic.

Of those, 820 were “online and active” rogue pharmacies, he said. He gave canadian-drug-pharmacy.com, pills-delivery.net and pillsforlife.net as examples.

Another 780 were hosting rogue pharmacies in the past but have since been shut down, he said.

Finally, LegitScript categorized 220 as “meeting known patterns” for “holding sites” where illicit pharmacies may be launched in future. Horton said:

many of the spam pharma organizations use “holding domain names” (not all are online at any one time), so if the website was NOT currently online, we looked to a variety of data — known domain name patterns, screenshots, known rogue name servers, known rogue IP addresses, etc. — to determine the likelihood that a domain name is likely to be a rogue Internet pharmacy, and gave NetLynx the benefit of the doubt if there was any lack of certainty

LegitScript classifies online pharmacies as “rogue” if they offer to ship medicines without a prescription to people in jurisdictions where prescriptions are required.

Horton is now calling for ICANN to look into terminating NetLynx’s accreditation.

EasyDNS changes take-down policy after man dies

Kevin Murphy, August 15, 2014, Domain Registrars

Canadian registrar EasyDNS has amended its take-down policy after a customer of one of its registrants died of an overdose.

In a frank blog post today, CEO Mark Jeftovic said that the man had died using a “controlled substance” ordered online. The web site in question used a domain registered via EasyDNS.

As a result of the death, and conversations with ICANN and the US Food and Drug Administration, EasyDNS has changed its policy.

It will now turn off any domain used for a pharmacy web site unless the registrant can produce a license permitting it to sell pharmaceuticals in the territories it sells to.

Previously, the company would only turn off a pharmacy-related domain with a court order.

It’s a notable U-turn for the company because Jeftovic is an outspoken critic of unilateral take-down notices.

In January, he referred to the National Association of Boards of Pharmacy as a “batch of clowns” for demanding that EasyDNS and other registrars take down unlicensed pharmacies without court orders.

He also has an ongoing beef with the UK police over its repeated requests for file-sharing and counterfeiting-related domains to be taken down without judicial review.

Jeftovic blogged today:

[I]n one case we have people allegedly pirating Honey Boo Boo reruns and on the other we have people dying. We don’t know where exactly, but the line goes somewhere in between there.

We have always done summary takedowns on net abuse issues, spam, botnets, malware etc. It seems reasonable that a threat to public health or safety that has been credibly vetted fits in the same bucket.

As a private company we feel within our rights to set limits and boundaries on what kinds of business risk we are willing to take on and under what circumstances. Would we tell the US State Department to go to hell if they wanted us to take down ZeroHedge? Absolutely. Do we want to risk criminally indicted by the FDA because of unregulated vicodin imports? Not so much.

You can read his full blog post here.

Registrar threatened with shutdown for failing to reveal registrant

Kevin Murphy, November 9, 2011, Domain Registrars

ICANN has told a Turkish domain name registrar that its accreditation will be terminated unless it fixes its apparently shoddy Whois services.

While Alantron has a track record of Whois failures and connections to abusive domains, ICANN’s threat appears to have been made in connection with a single domain name.

ICANN compliance director Stacey Burnette wrote to Alantron (pdf):

On 12 October 2011, ICANN requested that Alantron make registration records available to ICANN concerning a specific domain name, as ICANN received a complaint that there was no Whois output available for the domain name. Although numerous requests were made by ICANN to make the registration records available for inspection and copying, as of the date of this letter, Alantron has not made any arrangements to comply with ICANN’s request.

The letter also details Alantron’s alleged failures to make Whois available through Port 43 and its web interface going back to September 1.

ICANN has also threatened to suspend Alantron’s ability to create new registrations. Alantron received a similar de-accreditation warning for Whois failures in April 2010.

It does not say who made the complaint or which domain is in question, but the company has come under fire from security pros in the past for allowing its services to be abused to push fake pharmaceuticals.

Alantron, which has about 26,000 domains under management according to Webhosting.info, has until November 25 to rectify the problem.

eNom to crack down on fake pharma sites

Kevin Murphy, September 17, 2010, Domain Registrars

Demand Media is to tighten security at its domain registrar arm, eNom, after bad press blighted its recent IPO announcement.

The company has signed a deal with fake pharmacy watchdog LegitScript, following allegations that eNom sometimes turns a blind eye to illegal activity on its customers’ domains.

The news emerged in the company’s amended S-1 registration statement (large HTML file), filed with the US Securities and Exchange Commission yesterday. New text reads:

We recently entered into an agreement with LegitScript, LLC, an Internet pharmacy verification and monitoring service recognized by the National Association of Boards of Pharmacy, to assist us in identifying customers who are violating our terms of service by operating online pharmacies in violation of U.S. state or federal law.

LegitScript will provide eNom with a regularly updated list of domain names selling fake pharma, so the registrar can more efficiently turn them off. The companies have also agreed to work together on research into illegal online pharmacies.

Surrounding text has also been modified to clarify that eNom is not required, under ICANN rules, to turn off domains that are being used to conduct illegal activity.

This is a bit of a PR win for the small security outfits KnuJon and HostExploit, firms which had used the occasion of Demand’s S-1 filing to give eNom a good kicking in the tech and financial press.

HostExploit reported last month that eNom was statistically the “worst” registrar as far as illegal content goes.

ICANN executives are reportedly going to be hauled to Washington DC at the end of the month to explain the problem of fake pharma to the White House.

Registries and registrars have also been invited, and I’d be surprised if eNom is not among them.

  • Page 2 of 2
  • <
  • 1
  • 2