China connection to Go Daddy WordPress attacks
Go Daddy’s hosting customers are under attack again, and this time it looks like it’s more serious.
Reports are surfacing that WordPress sites hosted at Go Daddy, and possibly also Joomla and plain PHP pages there, are being hacked to add drive-by malware downloads to them.
Go Daddy has acknowledged the attacks, blaming outdated WordPress installations and weak FTP passwords, and has put up a page with instructions for cleaning the infection.
Last week, I was told that the first round of attacks was very limited. Today, the attackers seem to have stepped it up a notch.
As a result, Go Daddy could find itself in a similar situation to Network Solutions, which had a couple of thousand customer sites hacked a few weeks back.
The attacks appear to be linked to a well-known crime gang with a Chinese connection.
According to Sucuri, when a Go Daddy-hosted WordPress page is hacked, JavaScript is injected that attempts to redirect surfers to a drive-by attack from the domain kdjkfjskdfjlskdjf.com (don’t go there).
This domain was registered with BizCN.com, an ICANN-accredited Chinese registrar, but its name servers appear to have been created purely for the attack.
The registrant’s email address is hilarykneber@yahoo.com. This connects the attack to the “Kneber” botnet, a successful criminal enterprise that has been operating since at least December 2009.
A Netwitness study revealed the network comprised at least 74,000 hacked computers, and that the bulk of Kneber’s command and control infrastructure is based in China.
Since Kneber is known to be operated by a financially motivated gang, and it’s by no means certain that they’re Chinese, it’s probably inaccurate to suggest there’s something political going on.
However, I will note that Go Daddy was quite vocal about its withdrawal from the .cn Chinese domain name registration market.
Network Solutions, while it was quieter, also stopped selling .cn domains around the same time as the Chinese government started enforcing strict registrant ID rules last December.
Twenty registrars canned in 2009
ICANN shut down 20 domain name registrars in 2009, and is on course to do the same this year, according to numbers released today.
That’s up from seven de-accreditations in 2008, and twice as many as the previous record year, 2003.
ICANN can withdraw accreditation from a registrar, stopping its ability to register domains, if the registrar fails to escrow Whois information or pay its ICANN dues.
It looks like 2010 could well see a similar level of de-accreditations.
Five registrars were shuttered in the first quarter, and ICANN has sent warnings to five more this month.
Remember CFIT? Buy its domain for $250
Remember CFIT? The Coalition For ICANN Transparency is an ironically opaque organization created and backed by Momentous.ca, owner of Pool.com.
It emerged in 2005 to sue ICANN and VeriSign on antitrust grounds, around the same time as they were negotiating .com price increases.
I’d almost forgotten CFIT existed, until CEO Mark McLaughlin mentioned it on VeriSign’s Q1 earnings conference call last night.
The antitrust lawsuit is still pending, after CFIT won an appeal last June. Tenacious organization indeed.
Its domain name did not have the same longevity, however.
CFIT.info now belongs to a domainer, who appears to have picked it up last December. I offered him twenty bucks for it today and he countered with a $250 offer, which is a bit rich for me.
Whatever PageRank it accrued from all its press coverage appears to have dried up, and its parking page is not especially inspiring.
Any takers?
Hostway wants non-existent domain patent
Hostway, the large web hosting company, has applied for a US patent on a system for intercepting and redirecting requests for non-existent domain names.
The application describes “A system and method for controlling internet traffic controls internet traffic directed to a non-existing domain in a centralized manner.”
It appears to cover a service that could be offered to local ISPs, enabling them to show their users monetized search pages rather than domain-not-found error messages.
Under the system, ISPs would intercept NXDOMAIN responses to their users’ DNS lookups.
Instead of passing the error on to the browser, the ISP would consult a centralized controller for the IP address of a context-appropriate landing page to redirect the user to.
It’s not at all clear to me whether Hostway is using the technology or has plans to do so. The application was filed in October 2008.
ISPs using NXDOMAIN substitution to monetize error traffic is widespread but controversial.
ICANN president Rod Beckstrom strongly complained about the practice, which also has security implications, during a rant at the Nairobi meeting last month.
VeriSign’s Site Finder, and later Cameroon’s .cm, both controversially did similar things when they “wildcarded” non-existent domains at the TLD registry level.
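One way a network defender can check whether a resolver is doing this kind of NXDOMAIN substitution, as an added example that is not from the article or from Hostway's application: look up random labels that cannot plausibly be registered, and treat any answer at all, especially the same address for every probe, as evidence of rewriting. The two fake resolvers and the 192.0.2.10 landing address are constructed for illustration; `system_resolve` uses the machine's real resolver.

```python
import random
import socket
import string
from collections import Counter


def random_label(rng, length=12):
    """Build a random label that is, to all practical purposes, unregistered."""
    return "".join(rng.choice(string.ascii_lowercase) for _ in range(length))


def probe_nxdomain_substitution(resolve, tlds=("com", "net", "org"), probes=3, seed=None):
    """Report whether `resolve` rewrites NXDOMAIN into a landing-page address.

    `resolve(name)` returns a list of IP strings, or [] when the name does not
    exist. An honest resolver answers nothing for random names; a substituting
    resolver answers with the landing page, usually the same IP every time.
    """
    rng = random.Random(seed)
    hits = {}
    for tld in tlds:
        for _ in range(probes):
            name = f"{random_label(rng)}.{tld}"
            answers = resolve(name)
            if answers:
                hits[name] = sorted(answers)
    landing = Counter(ip for ips in hits.values() for ip in ips)
    return {
        "substituting": bool(hits),
        "answered": len(hits),
        "probed": len(tlds) * probes,
        "landing_ips": [ip for ip, _ in landing.most_common()],
    }


def system_resolve(name):
    """Resolve with the host's configured resolver; [] on NXDOMAIN or failure."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []


# Constructed stand-ins so the check can be exercised offline.
def honest_resolver(name):
    return []                       # every random name is NXDOMAIN


def rewriting_resolver(name):
    return ["192.0.2.10"]           # ISP-style substitution: one landing IP for all


if __name__ == "__main__":
    print(probe_nxdomain_substitution(system_resolve, seed=1))
```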
Other interesting US patent applications published today include:
20100106650 – covering Go Daddy’s auction services.
20100106793 and 20100106794 – covering email forwarding under Go Daddy’s private registration services.
20100106731 – assigned to VeriSign, covering a method of offering alternative domain names for registration when a buyer’s first choice is unavailable.
AusRegistry scores Japanese .brand deal
AusRegistry, the .au registry, has inked a deal with Brights Consulting, a company offering .brand domain services to the Japanese corporate market.
The company said the deal will mean AusRegistry will provide the technical back-end for any successful new gTLD applications that Brights manages to secure.
Other companies competing for new gTLD business include old hands VeriSign, Neustar and Afilias, as well as hungry newcomers such as Minds + Machines.
AusRegistry currently manages Australia’s .au, .qa for Qatar and .ae for the United Arab Emirates.
Brights is a corporate, rather than retail, ICANN registrar. I may be wrong, but it looks like the company counts Sony among its clients.
Could there be a .sony on the horizon?
Bigotgate woman gets cybersquatted
Gillian Duffy, an unknown Rochdale pensioner five hours ago, has become the latest victim of celebrity cybersquatting.
Duffy is the voter Gordon Brown described as “bigoted” after she buttonholed him during an election walkabout this morning.
Brown thought he was having a private conversation as his car sped away, unaware that his radio mic was still on. Oops.
As a result, he’s been forced to apologize publicly at least four times in the last four hours, by my count.
The news in the UK has talked about nothing else this afternoon, so it’s hardly surprising that the domain name gillianduffy.co.uk has just been registered.
It’s currently parked with 1&1.
I’ll be fascinated to see what the registrant plans to do with the domain once Mrs Duffy’s 15 minutes are up.
UDRP of the day: how-to-roll-a-blunt-with-a-swisher-sweet.info
This is mildly amusing. Somebody, presumably the cigar company, has filed a UDRP claim against the owner of how-to-roll-a-blunt-with-a-swisher-sweet.info.
The domain name was registered last month and, sadly, does not appear to have any content yet. It’s registered to “Gregory Bong”.
In the US, a “Swisher Sweet” is your basic bog-standard convenience store panatela cigar.
A “blunt” is what the registrant was probably smoking.
The .com version of the domain is, unsurprisingly, available, so I can only assume price was a big factor in Bong’s choice of TLD.
ThePirateBay.org to sell for $10 million
A failed corporate calendar company, Business Marketing Services, says it has made a deal to buy controversial Bittorrent domain thepiratebay.org for $10 million.
This is a strange one. On the face of it, the deal looks like a reverse acquisition with a shell company, designed to get The Pirate Bay a US stockmarket listing.
BMS is listed on the OTC market. According to its last 10-K filing, Hans Pandeya bought a controlling 78% interest in the company this January, for $325,000.
Pandeya is the majority shareholder of Global Gaming Factory X, the Swedish company which last June said it was going to buy The Pirate Bay for $8 million.
That deal, which was widely questioned at the time, does not appear to have ever closed.
Today, BMS said it will buy the thepiratebay.org domain name, and has issued a promissory note in the value of $10 million, deliverable on June 30, 2010.
That’s the same date that GGF thinks it will close the acquisition.
Are you following this? Basically, GGF is buying thepiratebay.org, and BMS is buying it off GGF on the same day, assuming the cash exists. Both firms are owned by Pandeya.
As for BMS, it’s a phenomenally unsuccessful company that tried, and failed, to build a business making corporate-branded calendars.
The company is so small it’s barely there. Check out its last 10-K.
We planned to initially print 3,000 wall planners for each industry group that we targeted and distribute them to members of the targeted industry or profession free of charge. Our plan was to generate revenue solely through the sale of advertising space on the wall planners. These wall planners would have been produced upon our sale of all the available advertising space. To date, we have not produced any wall planners… As of December 31, 2009 we had $946 in cash.
This outfit couldn’t even print 3,000 calendars, and now it is the shell into which The Pirate Bay will be reversed.
BMS said it is planning “to use the acquired assets to launch a paid for service with licensed content based on next generation filesharing technology”.
The Pirate Bay was the internet’s most popular source of bootleg torrents. Its back-story is all very complicated.
Wikipedia’s probably your best bet.
Band loses domain, gets $300k anyway
A British pub band forgot to renew its domain name, but wound up £200,000 richer anyway, courtesy of an original work from the popular graffiti artist Banksy.
According to the Bristol Evening Post, Exit Through The Gift Shop was gifted a painting valued by Sotheby’s at £200,000 ($307,000) after it agreed to change its name to avoid a clash with the title of Banksy’s new film.
But was there also another benefactor, the person who caught exitthroughthegiftshop.com when it dropped and sold it to Banksy?
The band’s drummer said:
“We had lost the domain name as we had forgotten to renew it, and when we phoned up to ask to buy it back, the man said no, that we wouldn’t be able to afford it, and that he was the agent for the person who had the domain name.”
Whois records show that exitthroughthegiftshop.com dropped in March 2008, when it was promptly re-registered by somebody who hid behind an eNom privacy service.
The domain was transferred to its present owner (no, it’s not Banksy, I checked) two days before it was due to expire in March last year. Presumably, it was sold.
Did a domainer make a killing in artwork?
Go Daddy plays down “massive” attack claim
Malicious hackers have compromised a number of WordPress installations running on Go Daddy hosting, but the company claims very few customers were affected.
Slashdot carried a story a few hours ago, linking to a blog claiming a “massive” breach of security at the domain name registrar.
(EDIT: as noted in the comments, this blog may itself have been hacked, so I’ve removed the link. You can find it in the comments if you want to take the risk.)
But Go Daddy says the problem is not as widespread as it sounds.
“We received reports from a handful of Go Daddy customers using WordPress their websites were impacted by the script in question,” Go Daddy security chief Todd Redfoot said in a statement.
“We immediately opened an investigation into what happened, how it was done and how many sites were affected,” he said. “The investigation is currently ongoing.”
The attack is certainly not ubiquitous. I host a number of WordPress sites with Go Daddy, including this one, and they all appear to be working fine today.
And a Twitter search reveals no references to an attack today prior to the Slashdot post, apart from the blog it was based on.
That doesn’t prove anything, but when Network Solutions’ WordPress hosting was breached last week there was a lot more tweet noise. That attack had thousands of victims.
For those interested in the details of the attack, this WordPress security blog appears to be the best place to get the nitty-gritty.