Latest news of the domain name industry

Cops say new gTLDs shouldn’t launch without a Big Brother RAA

Law enforcement agencies are not happy with the proposed 2013 Registrar Accreditation Agreement, saying it doesn’t go far enough to help them catch online bad guys.

Europol and the FBI told ICANN’s Governmental Advisory Committee yesterday that people need to have their full identities verified before they’re allowed to register domain names.

They added that new gTLDs shouldn’t be allowed to launch until a tougher RAA is agreed to and signed by registrars.

The draft 2013 RAA would force registrars to validate their customers’ email addresses or phone numbers after selling them a domain, but law enforcement thinks this is not enough.

“We need a bit more in this area,” Troels Oerting, head of Europol’s European Cybercrime Centre, told the GAC during a Sunday session. “We need a bit more to be verified in addition to the phone or email.”

“It’s very, very important that we are able to identify perpetrators, able to identify the originators, and it’s not enough that you just put in the email or phone,” he said.

He added that there should also be re-verification procedures and ongoing compliance monitoring from ICANN, and said that only registrars signing the 2013 RAA should be allowed to sell new gTLD domains.

Europol has sent a letter to ICANN (not yet published, it seems) outlining four areas in which it wants to see the RAA “improved”, Oerting said.

Given that many GAC members, including the US, seem to support this position, it’s yet another threat to ICANN’s new gTLD launch timetable, not to mention privacy and anonymous speech in general.

The law enforcement recommendations are not new, of course. They’ve been in play and GAC-endorsed for many years, but were watered down during ICANN’s RAA talks with registrars.

Cops seize 36 carder domains

Kevin Murphy, April 26, 2012, Domain Policy

The FBI and UK Serious Organised Crime Agency have seized 36 domain names that were allegedly being used to sell compromised credit card information.

As well as seizing the domains and a number of computers, SOCA said it has arrested two men “suspected of making large scale purchases of compromised data” from the sites.

The sites all used what SOCA calls “automated vending cart” software to process the sale of credit card information. Judging by the video below, some of the operations were fairly professional.

One of the seized domains was cvvplaza.com. SOCA provided the following video which really has to be seen to be believed.

I wonder if the spokesmodel had any idea what she was getting into when she accepted this gig.

While the full list of domains was not released, a SOCA spokesperson said the breakdown by TLD was as follows:

.name – 2
.net – 11
.biz – 4
.us – 5
.com – 11
.org – 3

These are all TLDs whose registries are based in the United States, so I’m guessing the US authorities did the actual seizing.

Feds seize billion-dollar poker domains

Kevin Murphy, April 15, 2011, Domain Policy

Five domain names associated with online poker sites have been seized by the FBI as part of an investigation that has also seen 11 people indicted.

The principals of PokerStars, Absolute Poker and Full Tilt Poker, along with third-party “payment processors”, stand accused of engaging in a massive money laundering scheme in order to accept billions of dollars of payments from American gamblers in violation of US laws.

The charges carry possible maximum sentences of between five and 30 years in prison, along with substantial monetary fines. Two men have been arrested, a third is due to be arraigned, and the remainder are currently outside of the US, according to a press release (pdf).

The US Attorney for the Southern District of New York said five domain names have been seized by the FBI in connection with the prosecutions.

It’s not yet clear which domains have been seized.

From where I’m sitting in London, absolutepoker.com already shows an FBI warning banner, but pokerstars.com and fulltiltpoker.com both resolve normally. I may be receiving cached DNS data.

Blogger Elliot Silver, sitting behind a resolver on the other side of the pond, reports that ub.com is among the seized domains.

Unlike previous recent seizures, which were carried out by the US Immigration and Customs Enforcement agency, this time the FBI appears to be the responsible agency.

And this time, these aren’t two-bit file-sharing forums or Chinese knock-off merchandise sites; we’re talking about businesses that are perfectly legal in many jurisdictions, clearing billions in revenue.

But according to the US Attorney’s charges, the companies carried out an elaborate plan to cover up the sources of their revenue through third parties and phoney bank accounts.

The companies are even alleged to have made multi-million dollar investments in failing banks in order to get them to turn a blind eye to the illicit gambling activities.

It appears that the FBI went straight to the .com registry, VeriSign, as some of the affected domains appear to be registered through UK-based corporate registrar Com Laude.

If you’re wondering whether this is yet another confirmation that all .com domains are subject to US jurisdiction, this is your takeaway sentence, from Manhattan US Attorney Preet Bharara:

“Foreign firms that choose to operate in the United States are not free to flout the laws they don’t like simply because they can’t bear to be parted from their profits.”

The suits seek $3 billion in allegedly ill-gotten gains to be returned.

IP address privacy policy killed

Kevin Murphy, April 19, 2010, Domain Policy

A proposal that would have brought the equivalent of domain name proxy registrations to IP addresses in North America has been dropped after its author had a chat with the FBI.

The policy would have allowed ISPs that take their IP addresses from ARIN, the American Regional Internet Registry, to substitute their own contact information in place of their customers’ details.

Proposing the policy, Aaron Wendel of WholesaleInternet.com initially said that the requirement to publish customer lists into a Referral Whois (RWHOIS) database “runs contrary to good business practices” and allows ISPs to poach each other’s customers.

Wendel publicly withdrew his proposal an hour ago at the ARIN meeting in Toronto, shocking some attendees.

He said he was doing so after a late-night session hearing the concerns of an FBI agent who is at the meeting, as well as conversations with members of ARIN staff.

The proposed policy had also been criticized by companies including PayPal, and by many security experts.

RWHOIS allows any internet user to identify the user of an IP address in much the same way as Whois allows domain name registrants to be identified.

It is regularly used by law enforcement to track down spammers and other online crooks.

Unlike Whois, RWHOIS has a carve-out protecting residential users.