Israeli registrar denies “arms dealer” claims
Israeli registrar GalComm has denied being involved in a widespread malware distribution scheme after being fingered by a security outfit.
Last month Awake Security accused the registrar, officially Communigal Communication Ltd, of being “at best complicit in malicious activity”.
The firm published a report entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars” which linked GalComm to a network of malicious Chrome browser extensions the firm said can steal sensitive data from users who have them installed.
It identified 111 such plug-ins, which it said have been downloaded 33 million times, using over 15,000 domains registered via GalComm.
GalComm has around 48,000 domains registered in gTLDs at the last count, so that’s a sizable percentage of the registrar’s business.
Awake came to the conclusion that GalComm was well-aware of what its customers were up to.
Now, the registrar has sent a cease-and-desist notice to Awake, CC’d to ICANN (pdf), in which it denies all knowledge and responsibility for the malware.
GalComm’s line, to summarize, is that it’s just a registrar, and that it has no obligation to monitor how its customers use their domains.
It adds that the domains in question amount to 10% of its DUM. Still a pretty big chunk.
The company wants Awake to retract its report by today, which it has not yet done, or it will call in the lawyers.
Recent Comments