Latest news of the domain name industry

Recent Posts

Hackers break .mobi after Whois domain expires

Kevin Murphy, September 12, 2024, Domain Registries

It’s probably a bad idea to let a critical infrastructure domain expire, even if you don’t use it any more, as Identity Digital seems to be discovering this week.

White-hat hackers at WatchTowr today published research showing how they managed to undermine SSL security in the entire .mobi TLD, by registering an expired domain previously used as the registry’s Whois server.

Identity Digital, which now runs .mobi after a series of acquisitions, originally used whois.dotmobiregistry.net for its Whois server, but this later changed to whois.nic.mobi and the original domain expired last December.

WatchTowr spotted this, registered the name, and set up a Whois server there, which went on to receive 2.5 million queries from 135,000 systems in less than a week.

Sources of the queries included security tools such as VirusTotal and URLSCAN, which apparently hadn’t updated the hard-coded Whois URL list in their software, the researchers said.

GoDaddy and Domain.com were among the registrars whose Whois tools were sending queries to the outdated URL, WatchTowr found.

Incredibly, so was Name.com, which is owned by Identity Digital, the actual .mobi registry.

More worryingly, it seems some Certificate Authorities, responsible for issuing the digital certificates that make SSL work, were also using the old Whois address to verify domain ownership.

WatchTowr says it was possible to obtain a cert for microsoft.mobi by providing its own email address in a phony Whois record served up by its bogus Whois server.

“Effectively, we had inadvertently undermined the CA process for the entire .mobi TLD,” the researchers wrote.

They said they would have also been able to send malicious code payloads to vulnerable Whois clients.

While WatchTowr’s research doesn’t mention ICANN, it might be worth noting that the change from whois.dotmobiregistry.net to whois.nic.mobi is very probably a result of .mobi’s transition to a standardized gTLD registry contract, which requires all registries to use the whois.nic.[TLD] format for their Whois servers.

As a pre-2012 gTLD, .mobi did not have this requirement until it signed a new Registry Agreement in 2017. There are still some legacy gTLDs, such as .post, that have not migrated to the new standard URL format.

The WatchTowr research, with a plentiful side order of cockiness, can be read in full here.

Bosnian government to sue US domain firm that cut it off

Kevin Murphy, November 3, 2023, Domain Registries

One of Bosnia and Herzegovina’s two governments has said it will sue a US domain name company — probably Verisign — for turning off the domain it was using for official government business.

“The Government of the Republic of Srpska will hire legal experts to prepare a lawsuit against the company that disabled the use of the website of the Government of the Republic Srpska without prior notice,” the government said in a statement on its new web site.

It did not name the company in question, but we can narrow it down to a few.

Its old domain, vladars.net, was registered via Dotster, a reseller for Domain.com, part of Newfold Digital. The .net registry is of course Verisign. These are all American companies subject to US legal jurisdiction.

The domain still exists in Whois, but has been removed from the .net zone file and does not resolve.

The Republika Srpska, or Serb Republic, is part of Bosnia and Herzegovina that doesn’t particularly want to be a part of Bosnia and Herzegovina. As such, its new domain is in .rs, the ccTLD for neighboring Serbia, rather than Bosnia’s .ba.

The old .net domain was reportedly deleted due to US sanctions against the Republic, which were expanded October 20 to include members of President Milorad Dodik’s family and several corporate entities.

The US accuses the Dodik family of widespread “graft, bribery, and other forms of corruption” and engaging in “divisive ethno-nationalistic rhetoric” to divert attention from their activities. It additionally accuses them of violating the Dayton Peace Agreement, which ended the war in the region in the 1990s.

Registrar giant created as Web.com merged with Endurance

Kevin Murphy, February 11, 2021, Domain Registrars

Clearlake Capital Group, which has taken Endurance International private and recently took a big stake in Web.com, has merged the two registrar stables to create a new company it’s calling Newfold Digital.

By my reckoning, Newfold has probably become the second-largest registrar group by domains under management, with around 16.5 million gTLD names across just its best-known half-dozen brands, leapfrogging Namecheap and Tucows in the registrar league table.

That number’s probably a big understatement. It doesn’t capture ccTLDs and does not take into account that the company now has hundreds of active ICANN accredited registrars, largely due to Web.com’s drop-catching business.

Its best-known registrar brands are Register.com, Network Solutions, Domain.com, BuyDomains, BigRock, PublicDomainRegistry and CrazyDomains. Its BlueHost and HostGator brands are both pretty big deals in web hosting.

Clearlake says Newfold has 6.7 million customers worldwide.

The privatization of Endurance, which sees it delisted from the Nasdaq stock exchange, was announced in November and cost Clearlake $3 billion. The value of its Web.com stake, which it acquired last month, was not disclosed.

Siris Capital, which bought Web.com in 2018, continues to have a stake.

Newfold will be led by two Web.com execs — CEO Sharon Rowlands and CFO Christina Clohecy.

The deal follows Web.com’s unsuccessful attempt to buy Webcentral last year.

There’s no word on (presumably inevitable) layoffs as the two companies come together.

Another domain firm going private as Endurance announces $3 billion deal

Kevin Murphy, November 3, 2020, Domain Registrars

Endurance International, owner of registrar brands including Domain.com, BigRock and BuyDomains, plans to go private in a $3 billion private equity deal.

The buyer is Clearlake Capital group, in what appears to be its first foray into the domain name market.

It has offered to pay $9.50 for each Endurance share, saying it’s a 79% premium on the closing price the day before the media first got a whiff of a deal being in the works back in September and a 64% premium on Friday’s close.

The deal is still subject to shareholder approval, but Endurance says institutional investors accounting for 36% of its shares have already promised to vote in favor.

Endurance yesterday also announced its third-quarter financial results. It reported net income down from $7.8 million to $6.7 million, on revenue that was up 3% at $278.4 million.

The company does not break out what portion of its revenue or profit comes from domains. Hosting and web marketing services are also a big part of its business.

Endurance domain revenue dips

Kevin Murphy, February 7, 2019, Domain Registrars

Endurance International put in a poor show when it came to domains name sales in 2018.
Revenue and average revenue per registrant were both down in the fourth quarter and full-year results, which were announced this morning.
Endurance’s registrar business includes BigRock, Domain.com, FastDomain, PublicDomainRegistry.com and others.
Combined, those four brands account for almost 10 million gTLD domains under management, but that number has also been heading south recently.
The company said today that its fourth-quarter domain revenue was $31.3 million, down from $33 million a year earlier. It had 666,000 domain subscribers at the end of the quarter, down from 683,000.
Average revenue per subscriber for the quarter was also down, from $16.63 to $15.63.
For the full year, revenue was down from $133.6 million to $129.9 million and average revenue per subscriber was down from $16.98 to $16.05.
The shrinkage is reflected in the latest transaction reports filed with ICANN, too.
In October, the most recently reported month, all four of Endurance’s biggest registrar brands shrunk in terms of DUM.
PDR was the biggest loser — actually topping the list of shrinking registrars — shedding over 76,000 gTLD domains, over 10,000 of which was from net transfers.

Endurance losing founder-CEO next week

Kevin Murphy, August 16, 2017, Domain Registrars

Endurance International, the parent company of registrar brands including Public Domain Registry, BuyDomains, Domain.com and BigRock, will see its founding CEO resign next week.
The company said this week that Hari Ravichandran will be replaced by Jeff Fox, most recently chair of customer relationship management software vendor Convergys, on August 22.
Endurance, which makes about 12% of its revenue from domain registrations, had disclosed Ravichandran’s plan to move on back in April, when it was characterized as an effort to move the company to the next stage of growth.
But it comes in the context, as the company has acknowledged, of an ongoing Securities and Exchange Commission investigation into its 2015 acquisition of Constant Contact.
The SEC probe has been going on since at least December 2015.
Endurance is also facing flattening top-line growth — revenue of $292.3 million, up 1% on last year, in the second quarter — and deepening losses.
Fox was CEO of Convergys from 2010 to 2012. He is also principal of The Circumference Group, his own investment/advisory firm.

Domain.com owner files for $400m IPO, to spend $110m buying Directi

Kevin Murphy, September 10, 2013, Domain Registrars

Endurance International, owner of Domain.com and HostGator, plans to raise up to $400 million in a Nasdaq IPO, and said it will spend up to $110 million of that buying Directi, India’s largest domain registrar.
As part of the proposed acquisition, Endurance has also agreed to bankroll Directi’s new gTLD auctions to the tune of $62 million.
The acquisition is not final, and appears to depend on a number of targets related to the IPO and Directi’s revenue performance. Endurance’s S-1 filing with the US Securities and Exchange Commission reads:

In August 2013, we entered into a master share purchase agreement to acquire all of the outstanding capital stock of Directi from Directi Holdings, the seller, for an amount we estimate will be between $100 million and $110 million in cash or, at the election of the seller, a combination of cash and shares of our common stock, subject to the satisfaction or waiver of specified customary closing conditions and the achievement of specified financial targets.

The acquisition would close in the fourth quarter this year.
As well as running a top-ten registrar (and a few dozen others), Directi subsdiary Radix Registry has 29 active new gTLD applications, 26 of which are contested.
Endurance proposes to help Radix win these contention sets. On new gTLD auctions, the S-1 says:

in connection with our proposed acquisition of Directi, we entered into agreements with entities affiliated with Directi Holdings related to participation in the auction of new top level domain extensions and domain monetization activities, pursuant to which, among other things, we may be obligated to make aggregate cash payments of up to a maximum of approximately $62 million, subject to specified terms, conditions and operational contingencies.

Endurance is a complicated company. Its most familiar brands include Domain.com, iPage, FatCow, Homestead, Bluehost, HostGator, A Small Orange, iPower and Dotster.
But since December 2011 it has been controlled and majority owned by Warburg Pincus and Goldman Sachs, which paid a reported $975 million.
Its annual revenue for the last three calendar years has been $87.8 million, $190.3 million and $292.2 million. It’s currently not profitable, recording a net loss of $139.2 million in 2012.
It has seven million domains under management and had 3.4 million customers at the end of June 2013.
Judging by the S-1, the company has over a billion dollars of debt. Directi acquisition excluded, most of its IPO proceeds would go towards paying off some of that debt.