[NA-Discuss] Policy Failure Enables Mass Malware: Part II (ICANN and OnlineNIC)

Bret Fausett bfausett at internet.law.pro
Wed Sep 29 23:12:11 UTC 2010

Garth Bruen at KnujOn wrote:
> However, the core issue relates to an illicit pharmacy domain sponsored
> by OnlineNIC which has been found in thousands of hacked websites
> infected with a PHP redirection. KnujOn first found this malicious
> redirection in July, 2010 and discovered the target domain,
> SECURETABS[DOT]NET, had a false WHOIS record and we appropriately filed
> a complaint with ICANN on July 18, 2010. 

When you say that SECURETABS.NET is "sponsored by OnlineNIC," do you mean
anything more than 'OnlineNIC is the registrar of record for

I see the following registration data in the whois:

Sergey Mironov sergeymironov at ymail.com +7.9165143272
     Zvenigorodkaya st. 26-17
     Moscow Moscow AF 125482

I would be interested in hearing more about how you established that this
Moscow address and the Yahoo! email address were false.

          -- Bret

More information about the NA-Discuss mailing list