Notorious registrar gets deactivation notice for president's sin

RIP EstDomains


EstDomains, a domain name registrar with a reputation for catering to cyber criminals, suffered another blow after the organization that oversees the net's address system said it would revoke the company's right to sell domain names because of a recent fraud conviction in Estonia of its president.

In a letter addressed to EstDomains President Vladimir Tsastsin, an official with the Internet Corporation for Assigned Names and Numbers said EstDomain's registrar accreditation would be revoked on November 12.

"This termination is based on your status as President of EstDomains and your credit card fraud, money laundering and document forgery conviction," Stacy Burnette, ICANN's director of contractual compliance, wrote. ICANN rules permit the group to terminate registrars who have officers or directors convicted of a crime related to financial activities, she said.

An EstDomains representative said the group was working to block the move.

Tuesday's letter (PDF) is the latest black eye for EstDomains, which has been sharply criticized by many security experts for registering domain names used in phishing, spam, malware, and the sale of drugs that are illegal in some countries.

Last month, a company that provides software used to shield the identity of domain name owners said it was cutting off EstDomains because a high percentage of its customers used the anonymizing service to register websites that engaged in cyber crime. Three weeks later, network provider Intercage, struggling with its own reputation as a haven for cyber criminals, terminated its contract with EstDomains and its sister company EstHost.

Throughout the entire controversy, principals with EstDomains and EstHost have maintained they do not knowingly allow customers to run illegal websites.

"We don't provide the service for spammers/phishers etc, and we never did," Konstantin Poltev, registry liaison for EstDomains, wrote in an email to The Register on Wednesday. He said officials with the company were appealing ICANN's move on several grounds. For one, Tsastsin hasn't been a director or officer of EstDomains since June. And for another, the February court record, which was reported here by Brian Krebs's Security Fix blog, has never taken effect.

"The document the ICANN is referring to, is the decision of the Circuit court, or, in other words, the court of the first level, which has never been enforced and will never be," Poltev wrote. "95% of all criminal cases in the Circuit courts of Estonia end with bringing in a verdict against a defendant, however in most cases the decision of the Circuit court is pushed to Supreme court for review, end up with the final decision of a Supreme court in favor of a defendant."

Over the past few months, as a flurry of negative reports and news articles cast EstDomains in a harsh spotlight, the company has grown more responsive to reports of abuse, one critic said.

"They started dumping anything we'd tell them about and it almost seemed like it was out of a panic," said Garth Bruen, part of a two-man outfit called Knujon that is dedicated to clamping down on registrars that enable phishing and the sale of steroids and other drugs that are illegal in the US and many other countries without a prescription.

ICANN is already preparing for the transfer of some 281,000 domain names under EstDomains' management. The registrar is free to recommend an ICANN-accredited agent to receive a bulk transfer, or qualified registrars may volunteer under established ICANN procedures. It will be interesting to see what companies, if any, agree to take on a customer base with such toxic reputation. ®

Broader topics


Other stories you might like

  • US won’t prosecute ‘good faith’ security researchers under CFAA
    Well, that clears things up? Maybe not.

    The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.

    Good-faith, according to the policy [PDF], means using a computer "solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability."

    Additionally, this activity must be "carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services."

    Continue reading
  • Intel plans immersion lab to chill its power-hungry chips
    AI chips are sucking down 600W+ and the solution could be to drown them.

    Intel this week unveiled a $700 million sustainability initiative to try innovative liquid and immersion cooling technologies to the datacenter.

    The project will see Intel construct a 200,000-square-foot "mega lab" approximately 20 miles west of Portland at its Hillsboro campus, where the chipmaker will qualify, test, and demo its expansive — and power hungry — datacenter portfolio using a variety of cooling tech.

    Alongside the lab, the x86 giant unveiled an open reference design for immersion cooling systems for its chips that is being developed by Intel Taiwan. The chip giant is hoping to bring other Taiwanese manufacturers into the fold and it'll then be rolled out globally.

    Continue reading
  • US recovers a record $15m from the 3ve ad-fraud crew
    Swiss banks cough up around half of the proceeds of crime

    The US government has recovered over $15 million in proceeds from the 3ve digital advertising fraud operation that cost businesses more than $29 million for ads that were never viewed.

    "This forfeiture is the largest international cybercrime recovery in the history of the Eastern District of New York," US Attorney Breon Peace said in a statement

    The action, Peace added, "sends a powerful message to those involved in cyber fraud that there are no boundaries to prosecuting these bad actors and locating their ill-gotten assets wherever they are in the world."

    Continue reading

Biting the hand that feeds IT © 1998–2022