Update: Having just completed my daily reader run, I saw Kreb’s talked about this on his Secuirty Fix blog in great detail this morning, it’s worth the read…
As the game of whack-a-mole continues, ICANN upped the action this week by terminating the registrar accreditation of EstDomains, Inc., in a notification of termination letter to EstDomains president Vladimir Tsastsin, citing Estonian Court records documenting his convictions for credit card fraud, money laundering and document forgery. According to the letter of termination, EstDomains has ~281k domains under management, and those will be transferred to an ICANN-accredited registrar in accordance with the De-accredited Registrar Transition Procedure.
Interestingly, EstDomains, Inc. was de-accredited because of rules consistent with subsection 5.3.3 of the Registrar Accreditation Agreement (RAA), which states that if “Any officer or director of Registrar is convicted of a felony or of a misdemeanor related to financial activities, or is judged by a court to have committed fraud or breach of fiduciary duty, or is the subject of a judicial determination that ICANN deems as the substantive equivalent of any of these; provided, such officer or director is not removed in such circumstances.” So, if and when Tsastin turns over the reigns, EstDomains, Inc. may very well remain a thorn in your side…
ICANN has similarly nuked Beijing Innovative Linkage Technology, dba DNS.COM.CN and CSL Computer Service Langenbach GmbH d/b/a JOKER.COM as of late, and these, coupled with the demise of the Russian Business Network (RBN) and Atrivo/Intercage, has clearly sent the roaches scurrying.
But does this really do any good, or is it more akin to putting a band-aid on a headache? That is, the networks and domains and registrars are simply the vehicle by which these [alleged] criminals are operating, and without prosecution of the miscreants themselves, the problem is only going to move, become better distributed, and more sophisticated, a certain evolution we’ve given witness to over the past decade.
Fortunately, we have seen some additional law enforcement activity [e.g., spam ring shutdown] as of late as well, the frequency of which seems to be increasing.
Who’s next on your hitlist?