Subscribe to RSS Feed

08|03|2009 10:49 am EDT

BREAKING: First Ever Criminal Prosecution for Domain Name Theft Underway

by Adam Strong in Categories: Featured

barsOver the years hundreds of stories of domain name theft have been reported, most famous among them of course is the theft of  Even as recent as last week, reports of stolen domains sent a chilling reminder through the domain industry as valuable domains, and others were stolen from Warren Weitzman. Until recently, there hasn’t been a case of a domain theft where the thief was caught and arrested. However, on July 30th, Daniel Goncalves was arrested at his home in Union, New Jersey and charged in a landmark case, the first criminal arrest for domain name theft in the United States.

In a similar fashion to the theft, the events that led to Goncalves arrest involve a long back story, one that spans well over 2 years, and many players.  Although insiders familiar with this case contend that Goncalves has stolen other valuable domains, this case centers on the theft and subsequent sale of the domain name

The Victims
In 2005, internet entrepreneur and domain name investor Marc Ostrofsky and attorney Albert Angel along with his wife Lesli Angel partnered to purchase the domain name for $160,000 from a Wisconsin company, Port to Print Inc. The domain industry was heating up in 2005, as was the emerging peer to peer music business and the co-owners of the domain name saw a great deal of potential with this investment and future development of the domain.

Ostrofsky is a well known investor in the domain space. His name was etched in domain name history with his 1999 sale of for $7.5 million and the multi-million dollar domain holding company,IREIT, that he helped form with investment backing from Howard Schulz and Ross Perot. Albert Angel is an attorney and former Justice Department prosecutor with a background in internet payment processing. Angel and Ostrofsky have known each other for over 25 years and have done business together in other ventures.

The Angels had already invested in a small portfolio of domain names including and (2 more domains reportedly stolen by Goncalves). As a nurse who dealt with teen drug abuse issues, Lesli Angel became interested in buying and building sites on domains in the late 90’s. Domains such as gave her a means to reach out to some of the same audience that she was already helping as a nurse.  As the domain space heated up, Angel continued buying domains and built up a portfolio of around 800 domain names.

The Accused
Daniel Goncalves, the 25 year old law firm computer technician arrested on Thursday, reportedly hacked in to the Angel’s AOL email account, used that information to retrieve the login details for the from the domain account. Goncalves performed an internal “domain push” transfer,which in effect transfered the domain name to another Godaddy account that he owned. Goncalves reportedly also falsified transaction records in an attempt to cover his trail and provide evidence that made it appear that he purchased the domain name for $1,500 from the Angels. The domain was listed in the name of Daniel Louvado during this time period (a bogus name consisting of Goncalves first name and his fiances last name).

In late 2006, Goncalves put the domain name up for sale on and on September 24, 2006 the auction for the domain closed in the amount of $111,000.  The Angels pointed out to DNN that from their investigations Goncalves already owned his own home with a new inground pool being installed (in New Jersey?), drove a Lotus and Mercedes and was frequently bragging about his travels.

The Baller
Caught in the middle of this and claiming to be a “good faith” purchaser is Mark Madsen, NBA basketball player with the LA Clippers. Madsen is reportedly also a domain name investor and was the buyer of the domain name on Whois history shows that Madsen took ownership of the domain name on February 28, 2007. Current whois records for the domain show that the domain name is protected with whois privacy protection, but according to insiders familiar with the case the current owner is still Madsen.  Madsen has been investing in domain names for years and has been linked to the user name thecollins2 in some domain name forums and the company Woodside Technology Group.

The Gatekeepers? is the world’s largest domain name registrar. With over 30 million domains being managed, it’s safe to assume the registrar has been faced with a few cases of domain name theft.  The domain name was registered with and all evidence from whois history records points to the domain name being moved internally to a new account within Godaddy.  The domain name now uses Godaddy’s whois privacy services to hide the ownership. According to the Angels, Godaddy stone-walled any efforts to investigate the theft and in a final passing of the buck, the Angels say that Godaddy told them that they should have been better defended against hackers and must bear the risk. It’s clear that the domain name was pushed between 2 accounts.  The Angels contend that subpoenaed records reveal that the registrar knew that Goncalves was implicated in two other domain thefts at least one month prior to the theft.

In many cases, intricate registrar contracts, safe-harbor laws and statutory exemptions protect domain name registrars from being held liable in domain theft cases. Cases like Kremen v. Cohen ( stolen) and  Solid Host v. Namecheap however have carved new paths in applying the law to cases involving registrars and domain name theft. The civil and criminal cases will use these decisions and likely even lay new ground for future decisions.

The Professionals
Joshua Pelissero, a self-described legend in tracking domain thieves, was enlisted by the Angels to help unwind the events that happened after the domain theft and to find additional evidence of Goncalves online activities. Domain investor Richard Lau and expert witness from the case,  Ellen Rony was also tapped to help uncover more information about the case. The Angels and more specifically Lesli Angel have been tracking Daniel Goncalves and building up evidence for over 2 years. With the help of Pelissero, Lau, and Rony the pieces of the puzzle began to fall together and the evidence began to become more clear. Angel told us “this business is not for the faint of heart. You have to know what you’re doing and be educated.” With these pros backing up their efforts, the Angels made a great deal of progress.

The Case
In the Spring of 2007, the Angels took their case to prosecutors in both New Jersey and Florida. The investigation proceeded in Florida since the Angels are Florida residence, meanwhile the New Jersey police, where the accused resides, put their case on hold.  Three months after taking the case, Florida prosecutors dropped it for “lack of evidence”.  The only recourse left for the Angels was to pursuit Goncalves through a civil action. They used the Freedom of Information Act to gather up the evidence from the Florida prosecutors investigations and continued in their vigilance, building up an even stronger civil case.

The civil suit against Daniel Goncalves and Mark Madsen was filed in November 2007 to retrieve the domain name. After further discovery, the filing was amended in June of 2009 to include new defendents, Goncalves brother and wife (on RICO conspiracy grounds) and (for negligence and contributory trademark infringement under Anti-Cyber Piracy statute). The civil suit is still ongoing but but as of Thursday Goncalves is also now facing criminal charges.

Months after the Florida prosecutors dropped the original investigation, Detective Sergeant John Gorman of the New Jersey State Police Cyber-Crimes Unit reviewed and reignited the case, asking the couple if they would like to pursuit it further.  The Angels traveled to New Jersey and presented the mountains of evidence and findings that they had been accumulating over the last 2 years.  In May of 2009 the NJ District Attorney approved the indictment and on July 30th Goncalves was arrested at his home and his computers seized.

According to the theft victims, this marks the first time in the US that a domain name theft has resulted in an arrest.  Detective Sergeant, John Gorman of the New Jersey Cyber-Crimes Unit is responsible for reviving this case. Without his push to move this case forward it’s likely another domain theft would have just been left to be handled through a civil case. Albert Angel told DNN “these hackers basically thumb their nose at the legal system.”  With the criminal prosecution moving forward, these cyber-criminals, who often taunt their victims with a brazen “what are you going to do about it” attitude, now may actually face the long-arm of the law.

So why are these thieves escaping justice and why aren’t we hearing more about these cases?
Simply put, Complications

Cases of domain name theft have not typically involved a criminal prosecution because of the complexities, financial restraints and sheer time and energy involved. If a domain name is stolen, the victim of the crime in most cases would need experience with the technical and legal intricies associated with the domain name system.  To move the case forward, they would also need a law enforcement professional who understands the case or is willing to take the time to learn. For example, the Angels told us that in their case they called their local law enforcement in Florida who sent a uniformed officer in a squad car to their home. The first thing you can imagine the officer asked was, “What’s a domain?”.

Additionally financial restraints play a major role. Often times the rightful owners of these domains simply can’t justify the thousands of dollars in legal fees necessary to handle a case like this. Domains that don’t have the sort of value that a domain like has in the aftermarket may still contain a value that only the original owner can appreciate. Good luck convincing a law enforcement professional that your domain name is valuable under those circumstances. It’s likely that many small business owners faced with this situation would simply give up. Lesli Angel told DNN “we’re fortunate enough to be in a position where we can go after the criminals . . .what if you weren’t in our position though?”  Pelissero stated that most of the domains he has helped recover were owned by people who didn’t have the means, desire or knowledge to track down the thieves and get their domain name back.  “I had a domain stolen from me before, so I know what it’s like to have that happen. It’s horrible and I was only out $10,000” said Pelissero. “This could happen to anyone and there really is no recourse especially for someone without financial means,” stated Angel.

Complicating the matter further is that domain names are globally traded assets and jurisdiction muddies the waters further. In this particular case, the domain name was stolen from a registrar headquartered in Arizona, the domain was owned by a Florida resident and the accused is a resident of New Jersey. Add to it that the domain registry is located in Virginia.   Frankly, the owners were lucky that this all took place on US soil. Imagine how much more complicated a case like this could become if involved international parties.

Attorney Paul Keating told DNN that most cases of domain theft recovery that he has dealt with have been complicated at best.  The real problem stems from the fact that domain names aren’t considered property. “The laws do not specifically identify domains as property. That has been the subject of various court decisions. Not all courts have issued consistent decisions. For example, bankruptcy courts have no difficulty treating domains as property. The IRS treats domains as a form of intellectual property and allows amortization along the lines of a trademark though over a shorter period,” Keating said.  Further complications come in to play when we look at the rulings in different states. “California is believed to treat them as property after the case but that was a federal decision interpreting California law. The Eastern District of Virginia (where the Verisign registry is headquartered) clearly holds domains to be the subject of a license and thus not property. I have been involved in various state-level cases seeking recovery of stolen names or trying to specifically enforce a domain purchase agreement in California and the courts have always honored the claim.”

Albert Angel summed it up well “If your car is stolen and you demand its return from a subsequent purchaser for value, you recover your car in 50 states, on well-settled common law principles. Try to recover a stolen domain name, and you have a decent chance perhaps in one state (CA) but you have bought yourself an expensive, and legally uncertain lawsuit in most other states. Short of such laws being created on a Federal basis or by each State, any business owner could lose their domain name and website and never legally be able to retrieve it.  Federal laws are needed to protect every company and individual domain name owner.”

These complications and hurdles however seemed to be no match for the vigilant Albert and Lesli Angel. In fact when talking to the victims, one realizes that the hacker who stole the domain from this group couldn’t have picked a worse target. I’m sure if Goncalves knew he was going to be facing the challenge of a team consisting of Ostrofsky, a well-known and connected player in the domain space, Albert Angel, an experienced attorney and Lesli Angel, a vigilant former nurse who told us she “just can’t stand to see anyone suffering”, he may have reconsidered some of his actions.

When asked what drove their continued vigilance in pursuing this case for over 2 years Lesli Angel told DNN “Besides wanting our domain back, we want to carve a path for others. Let’s face it the legal system has not caught up with the growth of the internet. We hope the outcome of this case paves the way and makes it easier for victims of this type of crime. These guys are thieves! Why are they not being arrested? Why are they continuing to get away with this?”

Goncalves is now out of jail after posting $60,000 bond.  He will be facing at least 2 court cases soon and this time it’s not just a civil suit.  The NJ prosecutors intend to push forward with the criminal case and press for a felony conviction.  DNN will be following the case closely and provide updates as we receive them.

So, what do you think about this case ?

  • Should a domain name registrar be held responsible for domains stolen from accounts ?
  • Do we need new laws that protect domains and classify them as a form of property with certain protections ?
  • Do we need reform in the current domain name registry contracts and ICANN policy which would also classify domains as property rather than a contract ?
  • Who will be the overseer and enforcer of these new rules ?
  • Lastly, What would you do if your most valuable domain name was stolen ?

Tags: , , , , , , , , , , , ,


[…] read the whole story, check it out on Domain var addthis_pub = ”; var addthis_language = ‘en’;var addthis_options = ’email, favorites, digg, […]

[…] a domain theft took place last week. Although they don’t detail what the exact charges are, Domain Name News outlines the meat of the case: Daniel Goncalves, the 25 year old law firm computer technician […]

[…] However, as a bunch of folks have sent in, for what appears to be the first time, someone has been arrested and criminally charged in such a situation (usually the disputes are handled through civil suits or arbitrators). In this […]

[…] a domain theft took place last week. Although they don’t detail what the exact charges are, Domain Name News outlines the meat of the case: Daniel Goncalves, the 25 year old law firm computer technician […]

[…] However, as a bunch of folks have sent in, for what appears to be the first time, someone has been arrested and criminally charged in such a situation (usually the disputes are handled through civil suits or arbitrators). In this […]


August 5, 2009 @ 3:16 am EDT

Here’s my take on it all. Domain names can NEVER be property because they have to be RENEWED or else they die.

You CANNOT compare a domain name to a HOUSE or LAND because if you own LAND then it is not going anywhere if you don’t RENEW it next year.

What if we lived in a WORLD where once you purchase a domain name it is YOURS forever? Of course, it would cost MUCH more than $10 per year or Network Solutions crazy $35 per year. Well, that would never happen because the REGISTRARS need to get THEIR money every year.

Everyone and their brother is buying domains, MOST of which never do anything with it, atleast not on any kind of SUCCESSFUL scale. Why? Because it’s ONLY $10..

Why are their so many useless parking page websites? Because they are only $10..

Why oh why? Because it’s VIRTUAL baby! I can’t afford the life I live now but for $10 I can have a .com with 3 hyphens that makes no sense.

Why have they SOLD so many .tels, .info’s, .booboo’s ? Because everyone wants a piece of this PIE that you can’t even put in your mouth. Because we are hoping for something VIRTUALLY that we cannot have in REALITY.

What happens if someone owns a domain name then dies? Then their credit card that was set to auto-renew does NOT auto renew because the card is expired because of death.. All the years SPENT on building the site…down the drain and SCOOPED UP by someone that will put a parking page there and make 30 cents per click from Google. Just like that. No if’s ands or buts.

DOMAINS ARE NOT REAL they are a figment of our imagiNETion.

Domains need DEEDS and they need to be bought for life not for 365 day increments.

And yes, I know you can buy them for up to 10 years but really who does that? You might EXPIRE BEFORE YOUR DOMAIN NAME DOES!!

Domain Name Speculators are just that. They SPECULATE that they can place a worth on a location in cyberspace, the real final frontier. And who falls for this? People that USE AOL EMAIL ADDRESSES for important things like Domain Name registration!! For shame.. For “REAL”.. not virtually, for real!

Now I am off to buy a hyphenated .info for $1.99 on special YAY!

[…] However, as a bunch of folks have sent in, for what appears to be the first time, someone has been arrested and criminally charged in such a situation (usually the disputes are handled through civil suits or arbitrators). In this […]


August 5, 2009 @ 7:06 am EDT

[…] (Source: DomainNameNews) […]

[…] However, as a bunch of folks have sent in, for what appears to be the first time, someone has been arrested and criminally charged in such a situation (usually the disputes are handled through civil suits or arbitrators). In this […]

[…] has been charged with stealing a domain name, which is an intangible intellectual property.  Domain Name News provides a wonderfully in-depth article about the story, including a 2 year history of this […]

Frank Michlick

August 5, 2009 @ 7:11 pm EDT

@Arlie: Thanks for the hint regarding the “share” plugin, we’ll upgrade it shortly and the new version does not use an application for twitter any more.

Know of him...

August 6, 2009 @ 10:00 am EDT

John… the way I look at it is like this. Yes you have to renew a domain, but it can be property. Just like you may own land or a house, you have to pay taxes on it every year, and if its not totally owned yet, you have a mortgage. If you do not choose to do so, well we all know what happens there. The forclosure market is huge right now thanks to issues like this. So in my perspective, a domain renewal every year is like paying land and property tax on what you own, which you also must do every year. It is something you purchased, and you can get rid of it or sell it just like any other item you may have in your possession. I think the rules on this just need to be explained and set in stone in great detail. Unfortunately this individual thought he could get away with something and apparently believed he was smarter than everyone else. Well sometimes you bark up the wrong tree…and he will get whats coming. With those computers being seized, who knows what else they will find now. With all of this money rolling in, I wonder what kind of accounts it was put in and where they are. Being of Portuguese decent, I wonder if money was moved out of the US, and thus it can’t be touched, aka his expense account on vacations he “bragged” about. Massive tax evasion and all sorts of other little things will soon start to be added to the ever growing list of felonies. I would obviously hope they check his job record, wonder if he ever worked at or had a connection to a bank? I hope more details on this become leaked soon, this will be interesting to follow!


August 6, 2009 @ 8:15 pm EDT

In answer to the question:

Should a domain name registrar be held responsible for domains stolen from accounts ?

The answer is a resounding yes.

Since a domain name cannot be physically transported out of the hands of the registrar for safekeeping, it’s safekeeping is in the hands of the registrar.

This is analogous to securities left for safekeeping in a brokerage account. Not in a safety deposit box, but securities registered in street name and comingled with other customer securities.

The brokerage is acting as custodian for the client, and it is well recognised that all financial institutions must act responsibly with respect to customer accounts.

A domain name, being an accounting entry on some computer somewhere is no less an asset in safekeeping by a third party, in this case the registrar.

In this particular case, it is especially troubling that it is suggested godaddy is not responsible even when it was wrongly transferred internally from customer a to customer b. In the brokerage example, that transfer would be revoked in a second.

Why should domain registrars have any less responsibility in handling valuable assets?


August 6, 2009 @ 9:36 pm EDT

Spenser, your argument actually goes to support my point.

If you electronically tell your brokerage service to sell your securities by logging into your account with your account username and password then they will do so. They will also move your account credit to another account if you’re logged in and you send that instruction.

For example, if I lot into my personal trading account and sell shares, then take the proceeds from that sale and transfer the money into another account then not only does my brokerage do that, but they’re obligated to do so.

I think everyone here needs to remember that Godaddy didn’t do anything wrong here. Goncalves was able to log into the rightful owner’s account because he had their user name and password (which were stolen from a third party).

Maybe AOL owed them a duty of care re: the mail account, but Godaddy did what was required of them.

[…] on Aug.06, 2009, under Black Hat Seo I’m shocked it’s taken so long for someone to get arrested for this. Over the years hundreds of stories of domain name theft have been reported, most famous among them […]

[…] First Ever Criminal Prosecution for Domain Name Theft Underway (DomainNameNews) […]

Domain Names Theft

August 8, 2009 @ 3:35 am EDT

[…] is the first case of domain name theft caught and arrested. On July 30th, Daniel Goncalves was arrested at his home in Union, New Jersey and charged in a landmark case. This is the first criminal arrest […]

Twitted by cherylprolapse

August 9, 2009 @ 3:33 pm EDT

[…] This post was Twitted by cherylprolapse […]

[…] First Ever Criminal Prosecution for Domain Name Theft Underway I found this article on internet and would like to share with you guys: BREAKING: First Ever Criminal Prosecution for Domain Name Theft Underway | Domain Name News […]


August 10, 2009 @ 3:36 am EDT

Outstanding piece of reporting — well done!

[…] A law firm computer technician has been arrested in the first ever criminal case for domain name theft. Daniel Goncalves was arrested on July 30th for hacking into a domain investor’s lawyer’s email account and transferring domain ownership of the URL to his Go Daddy account. This marks the first time anyone has ever been arrested for domain theft. Read more about this breaking story here. […]

[…] el dominio aún no ha sido devuelto a sus dueños originales, Daniel Goncalves fue arrestado el pasado 30 de julio y sus ordenadores fueron confiscados. Aún no es claro hacia donde se moverá el caso y qué tipo […]


August 16, 2009 @ 7:01 am EDT

Some of these stolen domain names are worth millions of Dollar$, and it is the personal “property” of the owner. For the police, prosecutors, & judges to not go after and bring these thieves to justice, is not only dereliction of duty, but it’s down right criminal, and reeks of utter ineptitude. These domains have actual monetary value, and should be treated as property. Theft should be investigated, and prosecuted accordingly, based on the monetary values involved. Think of this, if somebody went to the homes of these ignorant, lazy, and down right useless “public servants”, and looted their homes, stole their identity, maxed out their credit, emptied their bank accounts, & drove off in their cars, what would happen? All that theft probably doesn’t even come close to the value of certain domain names right? Monetarily its actually “less” of a crime then the ones they aren’t prosecuting. But I guarantee there would be an investigation, and arrests, probably on a damn FEDERAL level. Why should domains be any different. Another thing I am curious about. You know how “Godaddy” owns/sells domains I guess? If you had the money, I mean, what is involved with creating/opening your own domain name site? Or “Registrar”? is it called? I would think that way you would be almost completely protected. I agree with
*John August 5, 2009 @ 3:16 am EDT* about domains needing “deeds”. In lack of them though, would not my idea be as close to it as currently possible? Finally, what about buying domains for more then a year? Can it be done? Also do any domain companies (if not they SHOULD) have like…an automatic account renewal system, tied to you credit card? All in all something needs to be done. 10 years ago, maybe I could see this stuff going on, when the WWW was like the Wild Wild West. Untamed, full of unknowns, totally unregulated, etc, or automobiles at the turn of the century. Before traffic laws, and drivers license, etc But guess what. The internet is not new anymore, and like cars, it’s here to stay. And this domain problem needs to be regulated and protected and there is no excuse what-so-ever for theft going unchecked. It’s probably because the powers that be, don’t care because it’s not “their” money being lost, or business ruined. I bet if somebody stole, or etc, it would be a different story though right? Then again, those are probably “.org or .gov” but you get my point. Maybe we all need to lobby for and demand stronger protective domain name legislation.

[…] shocked it’s taken so long for someone to get arrested for this. Over the years hundreds of stories of domain name theft have been reported, most famous among them […]


August 17, 2009 @ 11:38 am EDT

Any “property” on the Net should be protected by the registrar’s. Make things simple, you buy the domain name through them they should ensure it’s safety. If the only options is legal recourse, or no budget we should continue to “self” police. This article is a fine example of how we can still control the Internet. Great article thanks!

[…] Ostrofsky and Albe and Leslie Angel.  The case and details of the investigation were detailed in a story on DNN published in August 2009.Although there have been other notable cases of domain names being stolen, most notable being […]

[…] Back in November of 2009, Daniel Goncalves was indicted on charges that he had stolen the domain name from domain name investor Marc Ostrofsky and Albe and Leslie Angel.  The details of the case and investigation were docmented in a story on DNN published in August 2009. […]

[…] el dominio aún no ha sido devuelto a sus dueños originales, Daniel Goncalves fue arrestado el pasado 30 de julio y sus ordenadores fueron confiscados. Aún no es claro hacia donde se moverá el caso y qué tipo […]

[…] player. The details of the case have already been extensively written about – so I’ll point you to Domain Name News rather than rehash the details […]

[…] of this case. As we noted, this may be the first case of criminal charges in a domain name theft. According to, it may also break new ground if it holds GoDaddy legally liable for allowing the theft. According […]

RSS feed for comments on this post · TrackBack URI

Leave a Reply