ICANN Drops Bad Domain Registrar, but on Technicality

An Estonian company that registers domain names will have its accreditation revoked in about two weeks, the Internet's addressing authority said Wednesday.

The Internet Corporation for Assigned Names and Numbers (ICANN) said EstDomains violated its contract after the company's president, Vladimir Tsastsin, was convicted of credit card fraud, money laundering and document forgery in Estonia in February.

ICANN is in the process of organizing a transfer of the 281,000 domain name records EstDomains holds to other registrars. ICANN said the company will be de-accredited on Nov. 24.

ICANN said late last month it would take action against EstDomains but delayed after the company appealed the decision, arguing Tsastin resigned as president in June. ICANN can revoke a registrar's contract if an executive of the company has been convicted of certain felonies or misdemeanors.

The demise of EstDomains couldn't come soon enough for computer security analysts. The registrar held the domain name registrations for a trove of Web sites that hawked pharmaceutical products, sold bogus software and tried to infect users' PCs with malicious software.

But the company's de-accreditation comes on a technicality in its contract with ICANN rather for bad behavior. It highlights what many computer security experts say is a lack of oversight over the Internet to stop abuse such as spam.

EstDomains and other companies "are in essence self-policing companies who in theory are supposed to keep criminals off their networks," wrote analysts in a report released this week detailing unethical ISPs (Internet service providers) and domain name registrars. "ICANN won't enforce its contracts with registrars and criminals are throwing money at registrars. In the end, it hurts the Internet user and consumer."

EstDomains offered anonymous domain name registration, which makes it nearly impossible for anyone outside of law enforcement to find out who actually owns the domain. Most publicly listed information in Whois, which lists who owns a domain, is false for Web sites running scams.

Those who bought domains from EstDomains then turned to criminal-friendly Web hosting services such as McColo in San Jose, California, which would deflect inquiries about the legitimacy of the sites. McColo fell offline on Tuesday after its peering partners decided not to support the hosting service anymore.

A white paper released in August found that 113 Web sites with fake codecs were registered with EstDomains. The white paper was written by Jart Armin.

Codecs are used to decode video compression formats. Cybercriminals often lure people to their Web sites by ostensibly offering codecs but actually serve up malicious software instead.

Fifty-three of those fake codec Web sites were hosted by Intercage, an ISP also known as Atrivo, whose upstream connectivity was cut off in late September due to complaints of abuse.

Subscribe to the Daily Downloads Newsletter

Comments