Fighting malware and spam

ICANN pulls plug on registrar favoured by cyber crooks

After a week's stay of execution, ICANN decides EstDomains will be terminated.

ICANN, the organization responsible for managing the assignment of domain names and IP addresses, has announced it will pull the plug on Estonian domain registrar EstDomains - long known to be favoured by cybercriminals for their domain registrations - on 24 November.

In an official letter dated 28 October, ICANN advised EstDomains that the official ICANN Registration Accreditation Agreement with the company would be terminated on 12 November 2008, citing company president Vladimir Tsastsin's conviction of credit card fraud, money laundering and document forgery as the reason for the termination. However, following a response from EstDomains on 29 October, advising the ICANN that Tsastsin had resigned from his post prior to his conviction and had since been replaced - thus appealing to ICANN to reconsider the termination of the agreement, ICANN put the process on hold in order to carry out an investigation.

ICANN has now announced that the termination of EstDomains' ICANN accreditation is to go ahead on 24 November and the organization is now seeking expressions of interest from other registrars to receive a bulk transfer of the domain names managed by the struck-off registrar.

Experts estimate that tens of thousands of malicious domains have been registered through EstDomains including sites used in drive-by-downloads, botnet command-and-control servers, spammed domains and so on.

14 November 2008

Tags: ICANN, cybercriminal, estdomains.   

1 comment

This sounds like a good start - but the practical result really begs the question - how will the "bulk transfer of the domain names" be handled? Does the criminal element get to keep its lair, and just mail its rent check to a new landlord? How does the process work from here?

by Trust_probability, 15 November 2008, 20:03

Comments are closed.