Burglary, robbery, kidnapping and a shoot-out over… a domain name?!

When transfers go really, really wrong, allegedly

27 Got Tips?

A home break-in that resulted in two men being shot – one of whom was later charged with burglary, robbery and kidnapping – was the result of a domain name dispute, cops have said.

Sherman Hopkins, 43, broke into a house in Cedar Rapids, Iowa, America, last month armed with a gun, it is alleged. Rather than making off with some jewelry or a flatscreen TV, however, it is claimed Hopkins confronted the owner – 26-year-old Ethan Deyo – and, at gunpoint, attempted to get him to transfer a domain name to an unnamed third party.

"Hopkins forced Deyo to log on to his computer and tried to coerce Deyo to transfer a domain name," a criminal complaint filed this week by the Linn County Attorney’s Office states, although it fails to say what the domain name was.

We called the police department and asked. They wouldn't tell us the name but noted it was "valuable." "We will release the name of the domain after our investigation is complete," a police spokesman told The Register.

Right now, the cops are looking into the details of the third person that Deyo was asked to transfer the name to and whether that person "had an influence" on Hopkins' alleged behavior.

Not random

One thing the police are sure about: it was no random act. Hopkins turned up with the "express purpose" of forcing Deyo to hand over control of a specific domain name, it is claimed. Hopkins and Deyo did not know one another, raising suspicions that he may have been hired by the third party to get hold of the name.

That raises more questions: why would someone take such an extremely risky approach to getting hold of a domain name?

A clue may be in what Deyo does for a living: he advertises himself as a content specialist online and sells his ability to "create engaging content for online businesses." As part of the police investigation, they are looking into whether the third party was looking to have the domain name returned to them, or whether they were seeking to grab it off Deyo.

We ran a reverse domain search and couldn't find a name registered by Deyo that was of such value that it would be worth sending someone around with a gun.

Deyo has registered a few names for a family member (variations on Deer Run Hamilton – Hamilton being in Illinois), and a few "Iowa Web Pro" domain variations. But his main website uses GoDaddy privacy service, and presumably as a web professional he would follow standard practice and pay for the additional privacy for his client.

All of which suggests that someone knew that Deyo had control over a valuable domain, despite it not being publicly listed, and decided that threatening him with a gun to hand it over was the best course of action.

We have contacted Deyo and asked for clarification.


The high drama started when Hopkins allegedly broke into the house on June 21 brandishing a gun, causing Deyo to flee to his bedroom. According to the complaint, Hopkins then smashed his way into the bedroom and, at gunpoint, led Deyo to another room where his computer was and forced him to log in to his domain name account (we don't know which registrar, but Deyo used to work for GoDaddy). Hopkins then ordered him to change the registrant details to an unnamed third party, it is claimed.

Deyo was either extremely reluctant to let the domain name go, or suspected that he was going to be shot following the transfer, because at some point during the process he grabbed Hopkins' gun, we're told.

The gun went off and hit Deyo in the right foot, it is claimed. Despite that, Deyo kept fighting and pulled the gun off Hopkins, according to the police report, at which point Hopkins made a run for it. Deyo then reportedly shot him twice before calling the police, telling them he had shot a burglar. It was 1:30pm.

Both men were taken to hospital, but following recovery and after giving statements, Deyo was released without charge and Hopkins was arrested and taken from the hospital to jail and booked under first-degree burglary, first-degree robbery and first-degree kidnapping charges. The kind of thing that puts you behind bars for a long time.

A preliminary hearing for Hopkins will be held on Friday, July 28. In the meantime, he is being held on a $75,000 cash-only bond. The police investigation continues. ®

Sign up to our NewsletterGet IT in your inbox daily


Keep Reading

Microsoft nukes 9 million-strong Necurs botnet after unpicking domain name-generating algorithm

Takedown should (in theory) see spam volumes shrink rapidly

Remember April 2020? It brought pandemic, chaos and an unseasonable spike in new domain registrations

UK and Oz registries recorded mini-booms for new names but also an overall domain dip

Houseparty denied it had been hacked... while miscreants were abusing its dot-com domain name infrastructure

Subdomain takeover possible, infosec bod points out

Snapchat domain squatter loses comedy £1m URL sellback attempt

'Take legal action' he told the firm. So it (sort of) did

Just what you want when stuck working from home: Microsoft domain mixup downs Remote Web Access

Updated 'Supported' Windows Server customers cut off from their subdomains

Goddamn the Pusher man: Nominet kicks out domain name hijack bid

Lord, he'll leave your mind to scream - if you don't renew on time

Microsoft prevents Domain of Danger from falling into miscreants' paws by forking out cash for

Asking price to banish ghost of Active Directory admin past was $1.7m: Redmond paid 'undisclosed amount'

Chancers keep buying up dot-UK company name domains: Got a problem? That'll be £750 for Nominet to rule on it

£3,000 if you don't like the answer

Problems at Oracle's DynDNS: Domain registration customers transferred at short notice, nameserver records changed

Must have missed Oracle's December memo: 'It is now time that we part ways with this business'

Facebook, distributor of deceptive political ads, sues registrar Namecheap over deceptive domain names

'We don’t want people to be deceived'... unless it's by paying politicians

Tech Resources

Driving Immediate Value with a Cloud SIEM

A natively cloud SIEM is purpose-built to get your team up and running quicker than ever before

Simplifying Hybrid Cloud Flash Storage

According to industry analysts, a critical element for secure hybrid multicloud environments is the storage infrastructure.

Navigating the New Era of Cloud Computing

Hear from Steve Sibley, VP of Offering Management for IBM Power Systems about how IBM Power Systems can enable hybrid cloud environments that support “build once, deploy anywhere” options.

Manage your data, not just your storage

In this paper we look at the challenges that cold data presents, at techniques and technologies that can help with the problem, and at the advantages organizations can gain from a smarter approach to data management.