Subscribe to RSS Feed

12|17|2014 11:18 am EDT

ICANN systems compromised through phishing attack

by Frank Michlick in Categories: ICANN / Policy

A number of ICANN’s staff email accounts have been compromised by a phishing attack, which lead to administrative passwords to other systems being exposed as well, as Necraft reports.

The Internet Corporation for Assigned Names and Numbers (ICANN) has fallen victim to a phishing attack which resulted in the attackers gaining administrative access to some of ICANN’s systems, including its Centralized Zone Data Service (CZDS).

In an email alert sent this morning, ICANN said it believes a spear phishing attack in November resulted in several ICANN staff members’ email credentials being compromised. The stolen passwords were then used to gain unauthorised access to multiple ICANN systems, which could have resulted in other usernames and passwords being compromised.

Although CZDS passwords are stored as salted hashes, ICANN has taken the precaution of deactivating passwords and API keys used on the compromised CZDS service. ICANN implemented some security enhancements earlier this year, which it believes limited the extent of the unauthorised access, and has implemented further measures since this attack.

Here’s the email that ICANN wrote to users of is CZDS:

ACTION REQUIRED: CZDS Security Disclosure

ICANN is investigating a recent intrusion into our systems. We believe a
“spear phishing” attack was initiated in late November 2014. It involved email
messages that were crafted to appear to come from our own domain being sent to
members of our staff. The attack resulted in the compromise of the email
credentials of several ICANN staff members.

In early December 2014 we discovered that the compromised credentials were
used to access certain ICANN systems including the Centralized Zone Data
Service (CZDS). 

You are receiving this notice because the attacker obtained administrative
access to all files in the CZDS including copies of the zone files in the
system. The information you provided as a CZDS user might have been downloaded
by the attacker. This may have included your name, postal address, email
address, fax and telephone numbers, and your username and password. Although
the passwords were stored as salted cryptographic hashes, we have deactivated
your CZDS password (and API key if applicable) as a precaution. Additional
information about the attack is included in an announcement that is posted at
https://www.icann.org/news.

In order to continue using CZDS, please visit http://czds.icann.org and follow
the instructions there to request a new password. We suggest that you take
appropriate steps to protect any other online accounts for which you might
have used the same username and/or password.  

This notice was not delayed as a result of a law enforcement investigation.
Earlier this year, ICANN began a program of security enhancements in order to
strengthen information security for all ICANN systems. We believe these
enhancements helped limit the unauthorized access obtained in the attack.
Since discovering the attack, we have implemented additional security
measures.

We are providing information about this incident publicly, not just because of
our commitment to openness and transparency, but also because sharing of
cybersecurity information helps all involved to assess threats to their
systems.

If you would like further assistance or information, you may contact us by
email to customerservice@icann.org or by telephone at +1-424-277-3192 or U.S.
toll-free at +1-800-401-1703.

Thank you for your attention to this. We sincerely regret any inconvenience or
concern this incident may cause you.


ICANN Registry Services

 

0 Comments

Tags: , ,

12|16|2014 05:43 pm EDT

DomainFest will be part of NamesCon 2015 in Las Vegas

by Frank Michlick in Categories: Events

NamesCon | Las Vegas January 11th-14th 2015 2014-12-16 17-56-02

A change on the Namescon Agenda lead The Domains to ask if NamesCon had bought out domainFEST – well, here’s the official press Release and reply. DomainFest becomes the first day of the conference geared towards newcomers. If you read the text on the updated DomainFest website, it appears that there’s a plan to carry the name forward and use it for “a series of international DomainFest regional events”.

DomainFest is one of the longest running events in the Domain Name industry. Its early origins in the early 2000s was a one day gathering with a mix of sharing new industry information and a social networking event. DomainFest will continue that tradition after being acquired by NamesCon.

Originally established as a casual meeting of domain investors as early as 2002, Donna Mahony generously donated the domain name to Oversee in 2006. Starting with small conferences in LA and Barcelona, Oversee grew Domainfest into a large, global conference series, attracting domainers, marketing professionals and celebrity speakers from all over the world.

“We are very proud of the industry-leading conference that we built up over the years”, said Debra Domeyer, CEO of Oversee.net.  “DomainFest is one of the longest running events in the Domain industry.  We are proud to recognize the importance of the DomainFest events to the industry and are extremely happy to be passing the DomainFest ownership into the capable hands of NamesCon.”

Richard Lau, producer of NamesCon said “We are carrying the DomainFest torch forward. NamesCon co-founder Jothan Frakes and I met at the Seattle DomainFest in March 2005. We are immensely proud to be able to announce that Sunday, Jan 11, 2015 is ‘DomainFest @NamesCon’.” Like DomainFest conferences in the past, NamesCon 2015 Las Vegas will also host a domain auction (run by Right of the Dot) and feature Keynote speakers and world-class entertainment.

DomainFest @NamesCon will start at 10am on Sunday Jan 11, 2015 and the day will be an excellent venue for newcomers and veterans alike. Jothan Frakes, who has a long history of producing domain conferences stated, “The DomainFest events had great energy and I am delighted to see that the success of NamesCon will maintain the spirit and legacy of DomainFest.”  Jothan has planned out a full agenda for the Domainfest @NamesCon day.

The Sunday Evening Networking and Entertainment event for DomainFest @NamesCon will feature Peter Pavone – the Las Vegas Best 2014 Tribute Artist of the Year.

DomainFest @NamesCon is included in your conference pass when you register for NamesCon 2015 Las Vegas.

Two great conferences, one low price.

To RSVP & Register please visit: www.DomainFest.com or www.NamesCon.com

[via Press Release]

0 Comments

Tags: , , , , , ,

12|01|2014 11:21 am EDT

Europol seizes 292 domains for counterfeit goods on Cyber Monday

by Frank Michlick in Categories: Legal Issues

The European law agency Europol has seized 292 domain names in cooperation with the U.S. Immigration and Customs Enforcement (ICE) and 25 law enforcement agencies from 19 countries. The sites were allegedly used to sell counterfeit merchandise, such as sportswear, electronics, pharmaceuticals, but also movies and music.

Countries involved were: Albania, Belgium, Bulgaria, Colombia, Croatia, Denmark, France, Greece, Hungary, Iceland, Italy, Lithuania, Luxembourg, Portugal, Romania, Serbia, Spain, United Kingdom and the United States.

Law enforcement has been preparing for this since August based on information provided to them by trademark holders. The domain names seized are now in the custody of the governments involved in these operations. Visitors typing those domain names into their web browsers will find either a banner that notifies them of the seizure and educates them about the crime of wilful copyright infringement, or the visitors will not be able to access the website anymore.

Project “In Our Sites” (IOS) is a sustained law enforcement initiative that began to protect consumers by targeting the sale of counterfeit merchandise on the Internet. The 292 domain names seized under Operation IOS V brings the total number of IOS domain names seized to 1829 since the IOS project began in November 2012.

[via CIO, Europol Press Release]

1 Comment

Tags:

11|30|2014 05:12 pm EDT

The week in Domains (Week 49/2014)

by Frank Michlick in Categories: Weekly Highlights

“The week in domains” summarizes the domain name industry news on a weekly basis. Not enough time to check all the news on all the blogs? This is what you want to read. Updated throughout the week/days.

Domain Name Sales

gTLDs

Legal

Domain Names for Sale

Internet Governance

 

0 Comments

Tags: , , ,

10|14|2014 11:00 am EDT

What domains can teach about brand engagement in foreign markets

by JS Lascary in Categories: New Companies, Tools

Since the early 2000s, domain names can be registered and written in any language – for example Chinese characters are allowed in the .com namespace, 例子.com is a valid domain name. This wonderful innovation makes internet users less reliant on the English alphabet to navigate the internet – including when engaging with brands online.

As with any new technology, early adopters are often not the larger corporations but smaller ventures, one man operations and the likes. When it comes to foreign language domains incorporating brand names, this means that, unfortunately, some of them are registered to affiliate marketers and speculators unrelated to the brand owner.

From an academic perspective, this has the advantage of being a fantastic proxy to assess the viability of using brand names in different languages to engage with local audiences. The assumption here is that if a brand related domain has been registered and renewed to an affiliate marketer or any third party primarily motivated by monetization, whatever he/she is doing with the domain must be working.

The following are some of my observations on the topic :

 

A) Brand translations work.

It may not be practical for a brand manager to come up with translations of their brand in an effort to better engage with internet users. However, the translations may already be out there, used by native speakers on and off the internet. When a translation makes it to a domain registration, it’s a sign that its usage might be widespread.

PlayStation in Hebrew

PlayStation can be written in Hebrew like this : פלייסטיישן

Google data shows that the proportion of Israeli search volume for the keyword “PlayStation” to the Israeli search volume for “פלייסטיישן” is 10:3.

Surely, the domain name פלייסטיישן.com is registered, but not to Sony. It has been so since 2010 and it currently redirects to a one page Weebly website full of Adsense ads.

 

Iceberg showing the Skype brand in Russian along with some typos
Typo traffic is just the tip of the iceberg

B)Typos are a thing too.

Skype in Russian

скаип.com is a typo of скайп.com which is Russian for Skype. Despite the whois privacy, both domains seem registered to the same entity and currently redirect to an adult webcam affiliate page (NSFW). The domains were respectively registered in 2012 and 2007.

In other instances, typo domains look to mimic the visual appearance of the brand.

Viagra and Netflix

vìágrã.com

This domain resembles the viagra brand. It is registered since 2007 and currently resolves to a parked page (displaying PPC ads).

ñetflix.com

The Netflix brand name with the Spanish eñe instead of the regular “n”. This domain was registered in 2013 and currently redirects to a survey affiliate program.

The most clever cases of typo domains involve what I call “keyboard layout typos” whereby the string of characters resulting from typing an english word on a foreign language keyboad is registered as a domain name. This type of typo exists because most non english keyboard hardware come with two or more characters printed on each key, i.e. one english letter following the QWERTY layout and one character in the native language. The keyboard software is often programmed by default to allow the use of either layouts. Switching from one to another is usually a matter of one key press.

Godaddy almost in Thai

Thai keyboard layout showing a typo of the Godaddy Brand

เนกฟกกั.com.

This domain is the result of the keystroke sequence G-O-D-A-D-D-Y typed on a Thai keyboard with the Thai layout active instead of the English QWERTY layout. The domain per se means nothing in the Thai language. It currently redirects to Godaddy.com through an affiliate link.

If anything, the existence of this domain shows that there are Thai keyboard users who could make use of a proper Thai domain to access the registrar.

 

B) Brand + Keyword domains are also used

The use of foreign language domains to engage with brand customers is not limited to exact match brand names. Brand + Keyword domains are prevalent as well, especially in markets with a history of online advertising and online marketing.

Forex Sale in Japanese

ロレックス買取.net

This domain name means “Rolex Sale” or “Rolex Purchase” in Japanese. The webpage it resolves to has a prominent a8.net affiliate link below the fold.

 

In conclusion, when it comes to engaging with “foreign” audiences, using a domain name in the proper language is an avenue to consider. Affiliate marketers and speculators have been doing it for years, and it seems to be successful, at least as per their standards.

 

About the author

JS Lascary is passionate about Internationalized Domain Names. He is a member of the Quebec Bar Association and the founder of idndata.com, a brand monitoring business.

0 Comments

Tags: , , , ,

09|02|2014 01:55 pm EDT

NameCheap for NetNeutrality: FCC, don’t flush our rights down the toilet [video]

by Frank Michlick in Categories: ICANN / Policy

NameCheap Released a video today for Net Neutrality:

 

 

Find out more here: http://netneutrality.com/

0 Comments

Tags:

08|15|2014 01:36 pm EDT

Sedo’s parent United Internet invests 435 million EUR in Rocket Internet

by Frank Michlick in Categories: PPC industry

Montabaur, August 15, 2014. United Internet AG (“United Internet”) is investing – via its subsidiary United Internet Ventures AG – a total of EUR 435 million for a 10.7% stake in the incubator Rocket Internet AG, Berlin (“Rocket”). The investment will cement the long term strategic relationship between United Internet and Oliver Samwer, Rocket’s Chief Executive Officer and co-founder.

United Internet’s investment consists of EUR 333 million in cash, and EUR 102 million represented by United Internet’s equity participation in the portfolio of the Global Founders Capital funds (“Global Founders Capital”).

Global Founders Capital is a portfolio of over 50 venture capital investments held jointly by United Internet and Global Founders Fund GmbH (“Global Founders Fund”, formerly European Founders Fund GmbH), the personal investment vehicle of Oliver Samwer and his brothers. The portfolio includes minority stakes in companies such as games maker Goodgame Studios; online travel sites such as Traveloka and Travelbird; online marketplaces Yemek Sepeti and DaWanda; and financial technology companies Kreditech, Borro and SocietyOne.

United Internet has been successfully investing in consumer Internet and technology businesses together with the Samwer brothers through Global Founders Capital since 2007.

United Internet’s investment will be in newly issued shares by Rocket, of the same class and bearing the same rights as shares held by current Rocket investors. Ralph Dommermuth, CEO of United Internet, will become a member of Rocket’s nine-person Supervisory Board.

Rocket Internet identifies and builds proven internet business models and transfers them to new, underserved or untapped markets where it seeks to scale them into market leading online companies. It aims to become the world’s largest Internet platform outside of China and the United States. Rocket is focused on online business models that satisfy basic consumer needs across three sectors: e-Commerce, marketplaces and financial technology.

Rocket started in 2007 and now has more than 20,000 employees across its network of companies, which operate in more than 100 countries on five continents. The company’s target markets are located mainly in the emerging markets of Latin America, the Middle East, Africa and Asia, as well as in Russia. These markets are generally characterized by fast-growing smartphone penetration, younger populations then developed markets, newly evolving middle classes, and limited access to physical retail infrastructure.

Following this investment, in addition to United Internet (10.7%), shares in Rocket Internet will be held by Investment AB Kinnevik (18.5%), Access Industries (8.5%), Philippine Long Distance Telephone Company (8.6%) and the Global Founders Fund (53.7%).

By contributing its shares in the investment funds to Rocket Internet, United Internet will recognize one-off, non-cash income of around EUR 70 million this year.

About United Internet

With 13.87 million fee-based customer contracts and 31.44 million ad-financed free accounts, United Internet AG is Europe’s leading internet specialist. At the heart of United Internet is a high-performance “Internet Factory” with 6,700 employees, of which around 2,000 are engaged in product management, development and data centers. In addition to the high sales strength of its established brands (1&1, GMX, WEB.DE, united-domains, Fasthosts, Arsys, InterNetX, Sedo and affilinet), United Internet stands for outstanding operational excellence with around 45 million customer accounts worldwide.

[via Press Release]

Disclaimer: DNN’s managing editor, Frank Michlick, provides consulting services through his company DomainCocoon for Sedo, which is a subsidiary of United Internet

0 Comments

Tags: , , , , ,

07|30|2014 10:07 am EDT

ICANN tells US Court that ccTLDs are not property and thus cannot be seized

by Frank Michlick in Categories: ICANN / Policy

Files Motion to Quash in U.S. legal action aimed at Seizing Top-Level Domains

The Internet Corporation for Assigned Names and Numbers (ICANN) has told a U.S. federal court in the District of Columbia, that a country code Top-Level Domain (ccTLD) cannot be considered “property,” and thus cannot be attached by plaintiffs in a lawsuit, who are trying to obtain the assets of countries that they argued have supported terrorism.

“We filed a Motion to Quash in the US federal court today, to ensure that the court has the essential information about how the Internet’s domain name system (DNS) works. While we sympathize with what plaintiffs may have endured, ICANN’s role in the domain name system has nothing to do with any property of the countries involved”, said John Jeffrey, ICANN’s General Counsel and Secretary.

“We explained in our Motion to Quash, that country code Top-Level Domains (ccTLD) are part of a single, global interoperable Internet which ICANN serves to help maintain.” Jeffrey further explained that “ccTLD’s are not property, and are not ‘owned’ or ‘possessed’ by anyone including ICANN, and therefore cannot be seized in a lawsuit.”

ICANN’s arguments were put forth when the victims of terrorism who had successfully won lawsuits against Iran, Syria and North Korea, sought to collect on those civil judgments.  In their attempt to recover assets from these countries, the plaintiffs served ICANN with “writs of attachment” and subpoenas seeking information to help them seize the ccTLDs of those nations.

The ccTLDs (and related IP addresses) targeted by the plaintiffs include; .IR (Iran), .SY (Syria) and .KP (North Korea), as well as internationalized top-level domains in non-ASCII characters for Iran and Syria.

ICANN explains the motion as follows:

  • First, a ccTLD simply is not “property” subject to attachment.
  • Second, although operating for the benefit of the people of Iran, Syria and North Korea, respectively, the relevant ccTLDs are not “owned” by the defendants or anyone else, for that matter.
  • Third, the .IR, .SY and .KP ccTLDs are not “located” in the District of Columbia or even the United States, and therefore are beyond the reach of Plaintiffs’ Writs of Attachment.
  • Fourth, even if these ccTLDs could be characterized as “property in the United States of the defendants,” this Court would lack jurisdiction over these proceedings, according to the Foreign Sovereign Immunities Act.
  • Fifth, ICANN does not unilaterally have the capability or authority to transfer the .IR, .SY or .KP ccTLDs to Plaintiffs.
  • Finally, a forced transfer of the .IR, .SY and .KP ccTLDs would destroy whatever value may exist in these ccTLDs, would wipe out the hundreds of thousands of second-level domain names registered therein by various individuals, businesses and charitable organizations, and could jeopardize the single, global, interoperable structure the Internet.

The ICA comments: ICANN’s .IR Response Opens Legal Can of Worms

[via Press Release]

0 Comments

Tags:

06|25|2014 03:11 pm EDT

Is Key Systems running the new Google Registrar?

by Frank Michlick in Categories: Registrars

While the domain and tech industry is abuzz talking about how Google is launching their new own retail registrar in a private beta that is mostly being tested with the help of employees, DNN embarked on the journey to uncover what Google’s technical solution looks liked; and in turn discovered that it appears that the new registrar is built on Key Systems’s RRPProxy – a hosted registrar/reseller solution.

DNN didn’t have to look far – the answer to the mystery is right in the whois – as part of the referral URL as to which whois server is to be queried. We did manage to find a Google related domain that is registered through Google’s registrar – exit.com:

Domain Name: EXIT.COM
Registrar: GOOGLE INC.
Whois Server: whois.rrpproxy.net
Referral URL: http://www.google.com
Name Server: NS17.ZONEEDIT.COM
Name Server: NS2.ZONEEDIT.COM
Name Server: TINKER.EXIT.COM
Name Server: UNGOVERNED.EXIT.COM
Status: clientTransferProhibited
Updated Date: 10-feb-2014
Creation Date: 03-nov-1994
Expiration Date: 02-nov-2022

In the whois results, one line especially jumped out to us:

   Whois Server: whois.rrpproxy.net

RRP Proxy, is the reseller system of the German company Key Systems, which is also available to be used by other ICANN accredited registrars.

DNN has reached out to Key Systems and Google for comment, but have not yet heard back.

4 Comments

Tags: , , , ,

05|01|2014 10:30 am EDT

Sedo Names Solomon Amoako Chief Sales Officer for the Boston office [Press Release]

by NewsDesk Editor in Categories: People

Domain Industry Veteran Brings Years of Experience to Further Strengthen and Lead Sedo’s North American Sales Team

BOSTON, Mass. – May 1, 2014 – Sedo, today announced the appointment of Solomon Amoako as Chief Sales Officer (CSO) in the company’s Boston office. In his new role, Mr. Amoako will manage all sales activities out of the company’s North American headquarters, working hand in hand with Dima Beitzke, CSO at its European headquarters in Cologne, Germany.

Mr. Amoako joins Sedo with extensive domain industry and sales experience, most recently serving as Vice President of Business Development for Rightside Group, which was spun out from the digital media and domain services company, Demand Media. In this role, Mr. Amoako helped grow and maintain the company’s global registrar channel and was part of a team that managed the company’s applications for new generic top-level domains (gTLDs) such as .dance, .social and .ninja.

Prior to his time with Rightside, Mr. Amoako was the Director of Global Sales and Account Management at the global Internet services company, Tucows, overseeing a channel of more than 11,000 resellers, along with technical support and professional services departments.

“Solomon is a highly-respected leader within the domain industry and I’m delighted to have him join our organization,” said Tobias Flaitz, CEO of Sedo. “The domain industry is facing its biggest expansion since its inception and with the world of new opportunities being presented comes added challenges. Through this evolution, Solomon’s knowledge and expertise will add tremendous value to Sedo customers looking to sell domains along with those looking to purchase the perfect name for their business.”

Prior to his work in the domain industry, Mr. Amoako held a number of senior sales and relationship management roles at large organizations such as ADP, CGI and Unisen.

“I couldn’t be more excited to join such an experienced and dynamic leadership team,” added Mr. Amoako. “Sedo is a domain industry trailblazer in the aftermarket and has continued to innovate and lead the market for more than a decade.  I’m eager to be part of such an amazing organization to help see it through this historic time in the domain industry and maintain its leadership position for the next decade.”

About Sedo

Sedo is the leading domain marketplace and monetization provider worldwide. Headquartered in Cologne, Germany and with offices in London, England and Boston, USA, Sedo has assembled the world’s largest database of domain names for sale with more than 18 million listings. The success of Sedo’s model has attracted a client base of more than 2 million domain professionals in 180 countries worldwide. The company’s support team speaks 23 languages natively while its award-winning interactive marketplace seamlessly services client needs in six different languages. Sedo also has a full suite of services available for new gTLD applicants, including premium auctions in all application phases, marketing support, pricing, consulting and brokerage services to reach domain buyers globally. With more than 13 years of experience, Sedo is trusted by organizations and individuals around the globe as a neutral partner for buying, selling and parking domains.

[via Press Release]

Disclaimer: DNN’s managing editor Frank Michlick works as a consultant for Sedo through his company DomainCocoon.

0 Comments

Tags: , , , ,

Click here for archives