Recent Posts
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
New gTLD phishing still tiny, but .xyz sees most of it
New gTLDs are not yet being widely used to carry out phishing runs, but most such attacks are concentrated in .xyz.
That’s one of the conclusions of the Anti-Phishing Working Group, which today published its report for the second half of 2014.
Phishing was basically flat in the second half of the year, with 123,972 recorded attacks.
The number of domains used to phish was 95,321, up 8.4% from the first half of the year.
However, the number of domains that were registered maliciously in order to phish (as opposed to compromised domains) was up sharply — by 20% to 27,253 names.
In the period, 272 TLDs were used, but almost 54% of the attacks used .com domains. In terms of maliciously registered domains, .com fared worse, with over 62% share.
According to APWG, 75% of maliciously registered domains were in .com, .tk, .pw, .cf and .net.
Both .tk and .cf are Freenom-administered free ccTLDs (for Tokelau and the Central African Republic) while low-cost .pw — “plagued” by Chinese phishers — is run by Radix for Palau.
New gTLDs accounted for just 335 of the maliciously registered domains — 1.2% of the total.
That’s about half of what you’d expect given new gTLDs’ share of the overall domain name industry.
Twenty-four new gTLDs had malicious registrations, but .xyz saw most of them. APWG said:
Almost two-thirds of the phishing in the new gTLDs — 288 domains — was concentrated in the .XYZ registry. (Of the 335 maliciously registered domains, 274 were in .XYZ.) This is the first example of malicious registrations clustering in one new gTLD, and we are seeing more examples in early 2015.
XYZ.com aggressively promoted cheap or free .xyz names during the period, but APWG said that only four .xyz phishing names were registered via freebie partner Network Solutions.
In fact, APWG found that most of its phishing names were registered via Xin Net and used to attack Chinese brands.
But, normalizing the numbers to take account of different market shares, .xyz shapes up poorly when compared to .com and other TLDs, in terms of maliciously registered domains. APWG said:
XYZ had a phishing-per-10,000-domains score of 3.6, which was just slightly above the average of 3.4 for all TLDs, and lower than .COM’s score of 4.7. Since most phishing domains in .XYZ were fraudulently registered and most in .COM compromised, .XYZ had a significantly higher incidence of malicious domain registrations per 10,000 coming in at 3.4 versus 1.4 for .COM.
APWG said that it expects the amount of phishing to increase in new gTLDs as registries, finding themselves in a crowded marketplace, compete aggressively on price.
It also noted that the amount of non-phishing abuse in new gTLDs is “much higher” than the phishing numbers would suggest:
Tens of thousands of domains in the new gTLDs are being consumed by spammers, and are being blocklisted by providers such as Spamhaus and SURBL. So while relatively few new gTLD domains have been used for phishing, the total number of them being used maliciously is much higher.
The number of maliciously registered domains containing a variation on the targeted brand was more or less flat, up from 6.6% to 6.8%.
APWG found that 84% of all phishing attacks target Chinese brands and Chinese internet users.
The APWG report can be downloaded here.
UPDATE: XYZ.com CEO Daniel Negari responded to the report by pointing out that phishing attacks using .xyz have a much shorter duration compared to other TLDs, including .com.
According to the APWG report, the average uptime of an attack using .xyz is just shy of 12 hours, compared to almost 28 hours in .com. The median uptime was a little over six hours in .xyz, compared to 10 hours in .com.
Negari said that this was due to the registry’s “aggressive detection and takedowns”. He said XYZ has three full-time employees devoted to handling abuse.
Draconian Chinese crackdown puts domain industry at risk
The vast majority of top-level domain registries could soon be banned from selling domains into China due to a reported crackdown under a decade-old law.
That’s according to Allegravita, a company that helps registries with their go-to-market strategies in the country.
Allegravita released a report last week claiming that Chinese registrars will be forbidden to sell domains in TLDs that are not on a government-approved list.
The crackdown could come as early as July, the report says:
Foreign registries which have not applied for Chinese market approval are advised to do so in the near term, as unapproved Top-Level Domains are likely to be taken off the market from July this year.
As of April 30, there were only only 14 TLDs on the approved list. All of them are run by Chinese registries and only five do not use Chinese script.
Not on the list: every legacy gTLD, including .com, as well as every ccTLD apart from .cn.
The Draconian move is actually the implementation of regulations introduced by China’s Ministry of Industry and Information Technology over a decade ago but not really enforced since.
As I reported in December, Donuts was facing problems launching its Chinese-script gTLDs due to this red tape.
MIIT announced in 2012 that new gTLD applicants would need licenses to sell into China.
According to Allegrevita, which until recently was working heavily with TLD Registry (“.chinesewebsite”) on its entry into the country, it’s “no longer ambiguous” that MIIT has asserted full oversight of the domain industry in China.
MIIT’s crackdown appears to be focused on the 93 Chinese registrars it has approved to do business.
Allegravita says these companies will not be allowed to sell unapproved TLD domains to Chinese registrants, but that existing registrations will be grandfathered:
by sometime in July 2015, the MIIT will not permit unapproved registries to operate or offer their domains for sale in China. The MIIT will not interfere with existing domain registrations for unapproved registries; however, new registrations will not be permitted to be sold by Chinese registrars to Chinese registrants.
Presumably, non-Chinese registrars will reap the benefits of this as Chinese would-be registrants look elsewhere to buy their domains.
China is an important market for many registries, particularly the low-cost ones.
Judging by MIIT’s web site, getting approval to sell your TLD in China involves a fairly stringent set of requirements, including having a local presence.
MIIT said in a press release last month that the “special action” is designed “to promote the healthy development of the Internet, to protect China’s Internet domain name system safe and reliable operation
Krueger removed as chair as M+M finally starts seeing some revenue
Minds + Machines co-founder Fred Krueger has been kicked out of his job as executive chairman of the company.
The news came as the new gTLD registry reported its first full year of results as a proper, revenue-generating company.
The company reported revenue of $1.9 million for 2014, compared to $56,000 in 2013.
Its report includes a “cash revenue” line of $5 million, to show off revenues that it has deferred to future periods due to standard domain industry accounting.
For accounting purposes, M+M was profitable to the tune of $22 million for the year, but almost none of that is from actually selling domains — $33.7 million of profit came from losing new gTLD auctions.
That’s not a sustainable or predictable part of the business — nobody knows exactly when or if ICANN will launch the next round of new gTLDs — but it did help M+M grow its cash pile to $45.7 million.
That pile may grow or shrink depending on how aggressive the company is in its 11 remaining new gTLD contention set auctions.
CEO Antony Van Couvering said that M+M is also eyeing acquisition opportunities as the new gTLD industry enters an early consolidation phase.
He said that M+M’s early priorities include a focus on selling premium domains that have higher than usual annual renewal fees.
At the same time as announcing its results, the company said Krueger, who founded M+M with Van Couvering in 2009 in anticipation of the new gTLD program, has quit.
While he’s technically resigned, he left no doubt in his unusually frank resignation letter that he’s actually been forced out by the M+M board of directors.
He wrote that the decision was “initiated by the board” and that his “decision” to leave “was unexpected – for me at least”.
He added that he was “OK with it, indeed supportive of it” and that he has no intention to sell off his substantial stake in the company.
Krueger will now focus on Mozart, a web site building software maker that he’s been leading for the last couple of years. M+M has a deal to offer Mozart to its registrants.
He’s been replaced, albeit in a non-executive capacity, by Keith Teare, an existing director.
Teare is a tech veteran perhaps best known in the domain industry for launching and running RealNames, which attempted to replicate AOL Keywords for the Internet Explorer browser at the turn of the century.
ICANN says “no impact” from TMCH downtime
The 10-hour outage in the Trademark Clearinghouse’s key database had no impact on domain registrations, ICANN says.
We reported earlier this week that the TMCH’s Trademark Database had been offline for much of last Friday, for reasons unknown.
We’d heard concerns from some users that the downtime may have allowed registrants to register domain names matching trademarks without triggering Trademark Claims notices.
But that worry may have been unfounded. ICANN told DI:
The issue occurred when two nodes spontaneously restarted. The cause of this restart is still under investigation. Although both nodes came back up, several services such as the network interface, TSA Service IP and the SSH daemon did not. All TMDB Services except the CNIS service were unavailable during the outage. From a domain registration point of view there should have been no impact.
CNIS is the Claim Notice Information Service, which provides registrars with Trademark Claims notice data.
Concern over mystery TMCH outage
The Trademark Clearinghouse is investigating the causes and impact of an outage that is believed to have hit its primary database for 10 hours last Friday.
Some in the intellectual property community are concerned that the downtime may have allowed people to register domain names without receiving Trademark Claims notices.
The downtime was confirmed as unscheduled by the TMCH on a mailing list, but requests for more information sent its way today were deflected to ICANN.
An ICANN spokesperson said that the outage is being analyzed right now, which will take a couple of days.
The problem affected the IBM-administered Trademark Database, which registrars query to determine whether they need to serve up a Claims notice when a customer tries to register a domain that matches a trademark.
I gather that registries are supposed to reject registration attempts if they cannot get a definitive answer from the TMDB, but some are concerned that that may not have been the case during the downtime.
Over 145,000 Claims notices have been sent to trademark owners since the TMCH came online over a year ago.
(UPDATE: This story was edited May 21 to clarify that it is the TMCH conducting the investigation, rather than ICANN.)
Obama, Apple, cancer and Taylor Swift’s cat top lists of most searched-for .sucks domains
You’ve got to hand it to .sucks registry Vox Populi.
The pricing may be “exploitative” and “predatory”, as the intellectual property community believes, but damn if the the company doesn’t know how to generate headlines.
Vox Pop has just added a new ticker stream to its web site, fingering the 50 most sucky celebrities, politicians, companies, social ills and abstract concepts.
The lists have been compiled from “more than a million” searches for .sucks domains that Vox Pop has seen pass through its system, according to CEO and veteran PR man John Berard.
For some reason, TayloySwiftsCat.sucks is the most searched-for in the “Personalities” category.
I’m guessing this relates to a meme that has yet to reach my isolated, middle-aged, non-country-music-loving corner of the world.
Whatever the cat did to earn this ire, it’s presumably equivalent to what Barack Obama, Apple, cancer and just life generally has done to searchers on the .sucks web site.
Here are the lists of most-searched-for terms, as it stands on the .sucks web site right now.
Top Personalities:
- 1. TaylorSwiftsCat
- 2. JustinBeiber
- 3. KevinSpacey
- 4. Oprah
- 5. KimKardashian
- 6. KayneWest
- 7. GuyFieri
- 8. TomBrady
- 9. DonaldTrump
- 10. OneDirection
Catch Phrases:
- 1. Life
- 2. YourMomma
- 3. This
- 4. Everyone
- 5. MyJob
- 6. MyLife
- 7. Reality
- 8. YouKnowWhat
- 9. Who
- 10. College
Causes:
- 1. Cancer
- 2. Technology
- 3. Obesity
- 4. Racism
- 5. Depression
- 6. Meat
- 7. AIDS
- 8. Hate
- 9. Poverty
- 10. Government
Companies:
- 1. Apple
- 2. Google
- 3. Microsoft
- 4. Facebook
- 5. Comcast
- 6. Walmart
- 7. CocaCola
- 8. McDonalds
- 9. Sony
- 10. Amazon
Politicians:
- 1. Obama
- 2. Hillary
- 3. TedCruz
- 4. RandPaul
- 5. StephenHarper
- 6. Putin
- 7. JebBush
- 8. TonyAbbott
- 9. DavidCameron
- 10. Democrats
Make no mistake, this is a headline-generating exercise by Vox Pop.
It comes as .sucks hits 10 days left on the clock for its $1,999+-a-pop sunrise period.
The company got a shed-load of mainstream media publicity when celebrities, starting with Kevin Spacey, started registering their names in .sucks several weeks ago.
It’s looking to get more headlines now, from lazy journalists and bloggers.
This is one of the first, for which I can only apologize.
XYZ and Uniregistry acquire .car from Google, launch joint venture
XYZ.com and Uniregistry have launched a joint venture to operate a trio of car-related new gTLDs, after acquiring .car from Google.
Cars Registry Ltd is a new company. It will launch .cars, .car and .auto later this year.
Uniregistry won .cars and .auto at auction last year. Google was the only applicant for .car.
It signed its ICANN contract in January but transferred it to Cars Registry a little under a month ago.
The newly formed venture plans to launch all three TLDs simultaneously in the fourth quarter this year.
.car is currently in pre-delegation testing. The other two are already in the root.
Cars Registry does not have the the car-related domain space completely sewn up, however.
Dominion Enterprises runs .autos, albeit with a plan to launch the TLD with restrictions that may well mean it does not directly compete with the other three TLDs.
Launch details for .cars, .car and .auto have not yet been released.
Judging by the gTLDs’ web site, they will run on the Uniregistry back-end.
Barclays confirms move away from .com to new gTLD
Barclays has become one of the first major companies to explicitly confirm it will dump traditional gTLDs and ccTLDs in favor of its new dot-brands.
The $25 billion-a-year bank said it will “transfer its online assets to proprietary domain names — .barclays and .barclaycard — away from the traditional location-specific .com and .co.uk web addresses.”
The transition is a “long-term” play, but it’s started already, with “non-transactional” parts of its web site already using the two new gTLDs.
Basically, we’ve entered the brochureware phase of the dot-brand evolution.
home.barclays already mirrors barclays.com — both are simultaneously live right now — but the online banking service remains at barclays.co.uk.
In a May 11 press release that seems to have slipped under everyone’s radar last week, Barclays chief security officer Troels Oerting, until a few months ago cyber-crime chief at Europol, said:
The launch of the .barclays and .barclaycard domain names creates a simplified online user experience, making it crystal clear to our customers that they are engaging with a genuine Barclays site.
This clarity, along with the advantages of controlling our own online environment, enables us to provide an even more secure service, which we know is of utmost importance to our customers, and ultimately serves to increase trust and confidence in Barclays’ online entities.
This is precisely what advocates of dot-brands pitched as the benefits of the new gTLD program.
While many applicants stated similar plans in their gTLD applications, I think there’s been a degree of skepticism about whether they would follow through.
Barclays’ moves are happening faster than I expected — the .barclays gTLD was delegated in January — showing a degree of enthusiasm.
The charitable Australian Cancer Research Foundation in February launched sites under its .cancerresearch (not technically a dot-brand), while Hong Kong conglomerate CITIC Group has already experimented with a shift from .com to .citic.
In related news, the non-branded .bank gTLD opened for its sunrise period today.
.sucks explains Sunrise Premium name change
Vox Populi Registry abandonment of the .sucks “Sunrise Premium” brand in favor of a new “Market Premium” service is just a renaming, designed to reduce confusion among trademark owners, according to the company.
As we reported Sunday, all mentions of Sunrise Premium — a list of .sucks domains that will always carry a recommended $2,499 a year fee — have been expunged from the Vox Pop web site.
They were replaced with references to Market Premium, which appeared to carry all the characteristics of Sunrise Premium albeit under a new name.
Now, CEO John Berard has confirmed to DI that the program has not changed.
Rather, the new name is an effort to distance it from the regular sunrise period, which is linked to the Trademark Clearinghouse.
The decision was made following last week’s International Trademark Association conference, Berard said:
It was an insight gained from talking to people at INTA15. The intellectual property people there asked us so many times about the sunrise premium list of names that we realized we had allowed a mis-perception to take hold. This is no and never has been a relationship between that list and the TradeMark ClearingHouse. It was surprising how many people thought we had access to the TMCH (we don’t) and merely cut-and-pasted its names.
That is why we renamed it. Now called Market Premium and more clearly presented as a set of names that over time have been viewed as valuable (because they have been registered before). Names on this list will carry a suggested price of $2,499 (yes, the same as was suggested in Sunrise). Given the list is of names that the market has decided has value, it is likely it will contain trademarks.
The change may also be an attempt to head off a contractual squabble with ICANN.
Last Friday, the ICANN Business Constituency told ICANN management that if the Sunrise Premium list had been populated by names drawn from the TMCH, that would have been a breach of the .sucks Registry Agreement.
.sucks threatens ICANN with defamation claim after “extortion” letters
Vox Populi Registry has threatened to sue ICANN for defamation and other alleged breaches of US law, over allegations of “extortion” made by two of its constituencies.
The registry’s outside law firm wrote to ICANN yesterday, saying that it has “has no interest in pursuing claims at this time” but adding:
if ICANN or any of its constituent bodies (or any directly responsible member thereof) engages in any further wrongful activity that prevents the company from fulfilling its contractual obligations and operating the .SUCKS registry as both ICANN and Vox Populi envisioned, the company will have no choice but to pursue any and all remedies available to it.
The letter follows claims by the Intellectual Property Constituency that .sucks and its $1,999 annual sunrise fees constitute a “predatory” “shakedown”, claims which ICANN has forwarded to US and Canadian trade regulators for their legal opinions.
The IPC letter was followed up by similar claims by the Business Constituency on Friday.
Vox Pop now wants these constituencies, and ICANN itself, to shut up.
“Rather than assuming cooler heads will prevail, it is time to tell ICANN to stop interfering in our ability to operate the registry,” CEO John Berard said in an email to reporters. “We are not taking legal action at this point but making it clear that we reserve the right if ICANN continues in its wrong-headed approach.”
The company denies that .sucks will encourage cybersquatting, noting that like all other gTLDs it is subject to the anti-cybersquatting UDRP and URS remedies.
it would seem that ICANN is not actually concerned about cybersquatting or any other illegal activity. Rather, ICANN appears concerned that registrations on the .SUCKS registry will be used to aggregate uncomplimentary commentary about companies and products — the very purpose for the registry that Vox Populi identified in the application it submitted to ICANN, and that ICANN approved
ICANN has disseminated defamatory statements about Vox Populi and its business practices aimed at depriving Vox Populi of the benefits of its contract with ICANN. These actions further violate the duty of good faith and fair dealing that is implied in every contract… in suggesting illegality without any basis whatsoever, your actions (and those of the ICANN IPC and ICANN BC) have given rise to defamation claims against ICANN. Vox Populi hereby demands that ICANN, including any and all of its subdivisions, cease any and all such activity immediately.
There’s bucketloads of irony here, of course.
The company says it is standing up for its future registrants’ rights to free speech, but wants its own critics gagged today.
Read the letter as a PDF here.
Recent Comments