Domain Name Wire | Domain Name News

Domain Name Industry News

Featured Domains

Lawsuit alleges CEOs.com, xus.com and other domains are stolen

by Policy & Law 1 Comment

Man alleges that eight domains were stolen from his domain registrar account.

Picture of shaded man in hoodie with the words "stolen domains"

A California man says that CEOs.com, xus.com, and six other domain names were stolen from his Network Solutions account.

Aiping (“Alan”) Wei, Ph.D., filed an in rem lawsuit (pdf) in Virginia on Friday to try to recover the two valuable domain names along with cnooc.com, cnpc.com, dendrimer.com, luminescence.com, peoplesdaily.com, and taiyuan.com.

According to the suit, he discovered that the domain names were stolen when he logged into his account in January of this year. A review of historical Whois records at DomainTools shows that the alleged theft occurred sometime in early or mid-2020. The domains were then transferred to other domain name registrars.

David Weslow of Wiley Rein is representing the plaintiff.

 

Lawsuit alleges 445.com is a stolen domain name

by Policy & Law 1 Comment

Chinese citizen files lawsuit against valuable domain name.

Picture of thief at laptop computer

A lawsuit (pdf) filed on Friday alleges that the domain name 445.com is a stolen domain name.

Xiaojun Wang, a citizen of the People’s Republic of China, filed the in rem lawsuit against the domain name. He alleges that the domain name was stolen from his GoDaddy account around January 22 of this year. He discovered the theft earlier this month.

The domain name transferred from GoDaddy to NameSilo between January 24 and February 9, according to historical Whois records.

The domain name is now listed for sale with an Epik lander and an asking price of $650,000.

Ni, Wang & Massand PLLC is representing Xiaojun Wang, with local attorneys War IP Law PLLC filing the lawsuit in United States District Court in Eastern Virginia, where .com registry Verisign is located.

GoDaddy breach is latest reminder to use registry lock

by Policy & Law 15 Comments

Websites that handle financial transactions should add Registry Lock to their domains.

Picture of lock on bars with the words "Registry Lock" above it in black letters on yellow background

Brian Krebs wrote this weekend about a recent attack on cryptocurrency services via the domain name registrar GoDaddy.

In at least two cases, it appears that attackers were able to either transfer a domain to another account and modify its nameservers or otherwise modify nameservers on the domain names.

Social engineering attacks on tech company employees are likely to become more common as people work from home. Registrars must remain vigilant.

Site owners also need to take precautions. Websites that handle financial transactions (including cryptocurrency transactions) should use Registry Lock.

Registry Lock is different from typical domain locking offered by registrars. Domain locking merely prevents a domain from being transferred unless someone logs in to the account and unlocks it.

Registry Lock is much more sophisticated. It’s a service offered by the domain name registries through the registrars. Most Registry Lock products prevent people from transferring a domain or changing its nameservers without going through a multi-step process that involves both the registrar and registry.

In the case of Verisign, which operates .com, a domain owner who wants to change their nameservers would first contact their registrar. This would trigger a process in which the registry manually verifies the request.

It’s not foolproof and could be overcome with social engineering. But it’s a good second layer of protection. And while the service is much more expensive than a domain name, it’s a minimal expense as part of a business’ security budget.

Not all registrars offer Registry Lock. GoDaddy does not currently offer the service.

Grand Theft Domain Name – DNW Podcast #303

by Podcasts 1 Comment

Kieren McCarthy discusses the astonishing story of the theft of the world’s most valuable domain name.

Image of journalist Kieren McCarthy with the words "DNW Podcast Grand Theft Domain Name with Kieren McCarthy"

When Sex .com was stolen in the 90s, it was most likely the most valuable domain name in the world. And it wasn’t just a routine domain theft like what occurs today. What transpired involved a lifelong conman, an early internet entrepreneur, hidden cash, prison, fleeing to Mexico, drug-fueled parties, and millions of dollars in legal expenses. On today’s show, reporter Kieren McCarthy, who wrote a book about the theft, digs into the story.

Also: CentralNic doubles down, .Org appeal process, premium sales, ad networks and more.

Sponsor: Dan.com

Podcast: Play in new window | Download (Duration: 40:26 — 32.4MB) | Embed

Subscribe: Apple Podcasts | Email | RSS

Subscribe via Apple Podcasts to listen to the Domain Name Wire podcast on your iPhone or iPad, or click play above or download to begin listening. (Listen to previous podcasts here.)

Judge issues TRO to transfer Calculator.com back to original owner

by Policy & Law 0 Comments

Order comes just days after case is filed.

Picture of judge's gavel

A judge in Florida has granted a request (pdf) for a Temporary Restraining Order (TRO) involving the domain name Calculator.com.

Last week, the original registrant of the domain name filed a lawsuit alleging that the domain name was stolen. Today, United States District Judge Beth Bloom granted a TRO.

The TRO requests that GoDaddy transfer the domain name back to Network Solutions. Should GoDaddy not immediately comply, the request will be sent to Verisign.

This case could get a bit complicated, though. It appears that the domain name was sold after it was allegedly stolen. It will be interesting to see if the buyer decides to fight the case in court.

Domain Name Wire | Domain Name News