Domain Name Wire | Domain Name News

Domain Name Industry News

Featured Domains

GoDaddy breach is latest reminder to use registry lock

by Policy & Law 15 Comments

Websites that handle financial transactions should add Registry Lock to their domains.

Picture of lock on bars with the words "Registry Lock" above it in black letters on yellow background

Brian Krebs wrote this weekend about a recent attack on cryptocurrency services via the domain name registrar GoDaddy.

In at least two cases, it appears that attackers were able to either transfer a domain to another account and modify its nameservers or otherwise modify nameservers on the domain names.

Social engineering attacks on tech company employees are likely to become more common as people work from home. Registrars must remain vigilant.

Site owners also need to take precautions. Websites that handle financial transactions (including cryptocurrency transactions) should use Registry Lock.

Registry Lock is different from typical domain locking offered by registrars. Domain locking merely prevents a domain from being transferred unless someone logs in to the account and unlocks it.

Registry Lock is much more sophisticated. It’s a service offered by the domain name registries through the registrars. Most Registry Lock products prevent people from transferring a domain or changing its nameservers without going through a multi-step process that involves both the registrar and registry.

In the case of Verisign, which operates .com, a domain owner who wants to change their nameservers would first contact their registrar. This would trigger a process in which the registry manually verifies the request.

It’s not foolproof and could be overcome with social engineering. But it’s a good second layer of protection. And while the service is much more expensive than a domain name, it’s a minimal expense as part of a business’ security budget.

Not all registrars offer Registry Lock. GoDaddy does not currently offer the service.

Grand Theft Domain Name – DNW Podcast #303

by Podcasts 1 Comment

Kieren McCarthy discusses the astonishing story of the theft of the world’s most valuable domain name.

Image of journalist Kieren McCarthy with the words "DNW Podcast Grand Theft Domain Name with Kieren McCarthy"

When Sex .com was stolen in the 90s, it was most likely the most valuable domain name in the world. And it wasn’t just a routine domain theft like what occurs today. What transpired involved a lifelong conman, an early internet entrepreneur, hidden cash, prison, fleeing to Mexico, drug-fueled parties, and millions of dollars in legal expenses. On today’s show, reporter Kieren McCarthy, who wrote a book about the theft, digs into the story.

Also: CentralNic doubles down, .Org appeal process, premium sales, ad networks and more.

Sponsor: Dan.com

Podcast: Play in new window | Download (Duration: 40:26 — 32.4MB) | Embed

Subscribe: Apple Podcasts | Email | RSS

Subscribe via Apple Podcasts to listen to the Domain Name Wire podcast on your iPhone or iPad, or click play above or download to begin listening. (Listen to previous podcasts here.)

Judge issues TRO to transfer Calculator.com back to original owner

by Policy & Law 0 Comments

Order comes just days after case is filed.

Picture of judge's gavel

A judge in Florida has granted a request (pdf) for a Temporary Restraining Order (TRO) involving the domain name Calculator.com.

Last week, the original registrant of the domain name filed a lawsuit alleging that the domain name was stolen. Today, United States District Judge Beth Bloom granted a TRO.

The TRO requests that GoDaddy transfer the domain name back to Network Solutions. Should GoDaddy not immediately comply, the request will be sent to Verisign.

This case could get a bit complicated, though. It appears that the domain name was sold after it was allegedly stolen. It will be interesting to see if the buyer decides to fight the case in court.

The Great Domain Theft – DNW Podcast #289

by Podcasts 0 Comments

How Michael Fischer recovered his domain name from a theft.

Owning a great domain is like owning a fine piece of art. It’s one of a kind and given the right opportunity, thieves would love to get their hands on it. My guest on today’s show, Michael Fischer, has had to defend his valuable domain twice from hijacking: once through UDRP and, most recently, an actual theft of the domain. Today, he explains what happened and how he got his domain back.

Also: Kelly Hardy’s new role, reverse domain name hijacking, .com rankings and last month’s top stories.

Sponsor: Donuts

Podcast: Play in new window | Download (Duration: 31:42 — 25.4MB) | Embed

Subscribe: Apple Podcasts | Email | RSS

Subscribe via Apple Podcasts to listen to the Domain Name Wire podcast on your iPhone or iPad, or click play above or download to begin listening. (Listen to previous podcasts here.)

Lawsuit alleges Pay.io is a stolen domain name

by Policy & Law 6 Comments

Company recently realized that its valuable domain name was missing.

Picture of thief at laptop computer

A lawsuit filed in U.S. District Court in Arizona alleges that the domain name Pay.io is stolen.

Deltaventure GmbH, a German company, filed the lawsuit (pdf) against the domain name and John Doe.

According to the suit, the plaintiff acquired the domain name in 2012 for €5,000. The domain name was transferred to a new owner (apparently in Russia) in 2016, but the plaintiff didn’t realize this until October of 2019.

Most in rem lawsuits are filed in Virginia, where the .com registry Verisign is located. However, .io is the country code domain name for British Indian Ocean Territory. The plaintiff filed the case in Arizona because Namecheap, the registrar where the domain is held, is organized in the state.

Pay.io is a valuable domain name that is worth much more than what the plaintiff paid for it in 2012. In the past year, Swipe.io sold for $68,000, Cook.io sold for $39,750 and Ease.io sold for $28,888.

Do NOT follow this link or you will be banned from the site!