[NA-Discuss] New Top Ten Abused Registrars

Garth Bruen at KnujOn gbruen at knujon.com
Wed Feb 4 14:03:39 EST 2009 

Folks,

We have just published our follow-up report on the top ten abused
Registrars. Much has changed since our first report in May 0f 2008. Who
is not on the list is just as interesting as who is on the list. We have
issued this report with the assumption that these numbers indicate
problems at certain registrars and not necessarily malfeasance. However,
83% of the spammed domains since June or 2008 are held by just 10
Registrars. 

Full statistics and charts can be found here:
http://www.knujon.com/registrars/

An article about the report has been published here:
http://voices.washingtonpost.com/securityfix/2009/02/report_most_spam_sites_tied_to.html#more

KnujOn is a public service for Internet users and we are extending that
service to the Registrars. We contacted each of the Registrars in
advance with a list steps they need to take to fix some of these
problems, including specifics about the customers who are wreaking the
most havoc. Each Registrar (and this is true for any Registrar) was
extended an offer of assistance in clearing out problems and removing
abusive registrants. So far none have responded to our offer or
recommendations. This list may or may not surprise some of you:

1.	XIN NET (Second Time at #1) 
2.	eNom 
3.	Network Solutions 
4.	Register.com 
5.	PLANETONLINE 
6.	RegTime 
7.	OnlineNIC 
8.	SpotDomains (domainsite) 
9.	Wild West 
10.	HICHINA Web Solutions 

Before going into specifics of each case, compare this to the list from
May, 2008:
1.	Xin Net Bei Gong Da Software 
2.	Beijing Innovative Networks 
3.	Todaynic 
4.	Joker 
5.	eNom, Inc. 
6.	MONIKER 
7.	Dynamic Dolphin 
8.	The Nameit Co/AITDOMAINS.COM 
9.	PDR/Directi 
10.	Intercosmos/DIRECTNIC 


With the exception of Xin Net and eNom all the other cited Registrars
dropped off the list. Why? They were either forced to take action or
took action of their own accord. Joker and Beijing Innovative Networks
(DNS.COM.CN) were issued breach notices by ICANN, the others were
impacted by the public disclosure and modified their behavior. What does
this tell us? For one when the system functions as designed we get
results. Secondly we can see that a so-called impossible situation can
be altered in fairly short period of time. 

I’m very positive about the overall situation.

-Garth

-------------------------------------
Collect, analyze, enforce, repeat...

ICANN, Mexico City - March 1-6
http://mex.icann.org/
MIT Spam Conference, Cambridge Mass. - March 26-27
http://projects.csail.mit.edu/spamconf/

Dr. Robert Bruen at:
MAAWG, San Francisco, CA - February 17-19
http://www.maawg.org/news/GeneralMeeting_Feb09/
RSA, San Francisco, CA - April 20-24
https://365.rsaconference.com/index.jspa

More information about the NA-Discuss mailing list