25
Nov 13

Spam-Friendly Registrar ‘Dynamic Dolphin’ Shuttered

facebooktwittergoogle_plusredditpinterestlinkedinmail

The organization that oversees the Internet domain name registration industry last week revoked the charter of Dynamic Dolphin, a registrar that has long been closely associated with spam and cybercrime.

Scott Richter. Image: 4law.co.il

Scott Richter. Image: 4law.co.il

The move came almost five years after this reporter asked the Internet Corporation for Assigned Names and Numbers (ICANN) to investigate whether the man at the helm of this registrar was none other than Scottie Richter, an avowed spammer who has settled multi-million-dollar spam lawsuits with Facebook, Microsoft and MySpace over the past decade.

According to the contracts that ICANN requires all registrars to sign, registrars may not have anyone as an officer of the company who has been convicted of a criminal offense involving financial activities. While Richter’s spam offenses all involve civil matters, this reporter discovered several years ago that Richter had actually pleaded guilty in 2003 to a felony grand larceny charge.

Richter’s felony rap was detailed in a January 2004 story in the now-defunct Rocky Mountain News; a cached copy of that story is here. It explains that Denver police were investigating a suspected fencing operation involving the purchase and sale of stolen goods by Richter and his associates. Richter, then 32, was busted for conspiring to deal in stolen goods, including a Bobcat, a generator, laptop computers, cigarettes and tools. He later pleaded guilty to one count of grand larceny, and was ordered to pay nearly $38,000 in restitution to cover costs linked to the case.

After reading this story, I registered with the Colorado state courts Website and purchased a copy of the court record detailing Richter’s conviction — available at this link (PDF) — and shared it with ICANN. I also filed an official request with ICANN (PDF) to determine whether Richter was in fact listed as a principal in Dynamic Dolphin. ICANN responded in 2008 that it wasn’t clear whether he was in fact listed as an officer of the company.

But in a ruling issued last week, ICANN said that analysis changed after it had an opportunity to review information regarding Dynamic Dolphin’s voting shares.

“Prior to this review, ICANN had no knowledge that Scott Richter was the 100% beneficial owner of Dynamic Dolphin,” ICANN wrote. “In light of this review, ICANN initiates a review of the application for accreditation from 2011. Based on Section II. B. of the Statement of Registrar Accreditation Policy, Dynamic Dolphin did not disclose in its application for accreditation that Scott Richter was the 100% beneficial owner of Dynamic Dolphin or that Scott Richter was convicted in 2003 for a felony relating to financial activities.”

ICANN has ordered that Dynamic Dolphin be stripped of its accreditation as a registrar, and that all domains registered with Dynamic Dolphin be transferred to another registrar within 28 days. Neither Richter nor a representative for Dynamic Dolphin could be immediately reached for comment.

ICANN’s action is long overdue. Writing for The Washington Post in May 2008, this author called attention to statistics gathered by anti-spam outfit Knujon (“NOJUNK” spelled backwards), which found that more than three quarters of all Web sites advertised through spam at the time were clustered at just 10 domain name registrars. Near the top of that list was Dynamic Dolphin, a registrar owned by an entity called CPA Empire, which in turn is owned by Media Breakaway LLC – Richter’s company. Another story published around that same time by The Washington Post showed that Media Breakaway was behind the wholesale hijacking of some 65,586 Internet addresses from a San Francisco, Calif. organization that was among the early pioneers of the Internet.

dyndInterestingly, this is the second time that ICANN has acted in response to information presented by this author regarding convicted criminals running domain registrars in violation of ICANN’s rules. Three months after I wrote that story for The Post about Media Breakaway, I penned a column highlighting the massive amount of fraudulent and malicious sites being registered through an infamous Estonian domain registrar known as EstDomains. In that story, I pointed out that the company’s principal, a then-27-year-old Estonian man named Vladimir Tsastsin, had recently been convicted in his native country of credit card fraud, money laundering, and forgery.

ICANN ultimately decided that Tsastsin’s criminal convictions meant that EstDomains had violated ICANN’s registrar agreement, and stripped EstDomains of its power to register new domains. Tsastsin would later be indicted and arrested for his role in the development of the massive DNSChanger botnet, a global malware contagion that infected more than four million computers worldwide.

For a hilarious interview with spammer high-volume email deployer Scottie Richter, check out this 2004 segment from Comedy’s Central’s Daily Show.

Tags: , , , , , , , , , ,

24 comments

  1. Lol, I just registered his old yahoo account. I wonder if anyone will send mail to it. Interesting fun.

  2. Good to know no connection to the Dolphin Android browser is implicated.

  3. ICANN needs to put the auto-stamp of approval away and do some of the investigation itsellf. I know Brian enjoys doing the investigative work on occasion, but I am sure he’d like a bit of a break between stories.

    Good job on the persistence and investigation Brian. Hopefully those that used this registrar for vile acts will wilt and die on the vine. Since ICANN’s head is turned towards the direction of this problem, one would think they would also investigate any other major players that may have operated under this criminal.

    Maybe the ICANN group will save face and not be called ICANT so much. Only time will tell.

  4. For those interested in the other domains – which I recommend to stay away from, can be seen here.

    https://www.robtex.com/dns/mediabreakaway.com.html#summary

    This is within Robtex’s domain, so as long as your careful you can stay within the domain and look over all you desire.

    Additionally, here are a few AS numbers…..

    AS16509
    Amazon Amazon.com

    Hummmm Amazon……

    AS16943
    REDCONDOR ASN 2 Red Condor

  5. “ICANN’s action is long overdue.” Understatement is a superb compositional technique because it can manipulate the readers emotions. When a truly genteel reader happens upon “ICANN’s action is long overdue.”, the immediate reaction is “Oh my goodness, one would hope that, in the future, ICANN would respond in a more timely manner” while a less couth reader would say “No sh*t Sherlock!”

    • I guess pointing out that ICANN has no cullions is beyond the obvious at this point. I have reported numerous things to them over the years, along with documentation, they never did anything.

      Way to hang in there and track the “progress” that we get when dealing with ICANN.

      5 years has got to the quickest I’ve seen action on taking down a criminal enterprise.

      Thanks for caring and sharing Brian!

  6. TheOreganoRouter.onion

    Another domain register well known for allowing phishing and spam abuse is xxxx://www.bizcn.com

  7. Great work, Brian! Now can you get ICANN to do something about Internet.bs ? :-)

    • TheOreganoRouter.onion

      I second that on “Internet.bs ” (Internet Dot Bull Sh*t) which is another T.L.D. register which allows abuse and or looks the other way when it comes to cyber-criminals

      • triple backing.

        I lean towards: Either get rid of Internet.bs and bizcn.com (and my list is longer) or get rid of ICANN (and replace it with the likes of Knujon). (ICANN does not represent me to my liking for more than a decade).

      • “ICANN has ordered … that all domains registered with Dynamic Dolphin be transferred to another registrar within 28 days. ”

        The world has a great chance of spam from that registrar continuing operation with another spam-friendly registrar, thanks ICANN for doing all you do.

  8. Hey Brian,
    Just read that Washington Post article from 2008.
    You don’t look a day older :)

    Must be a favorite picture to keep using it?

  9. If you go to http://www.spanhaus.org and go under the ROKSO area, and type in Scott Ritcher, you’ll see the vile company he has partnered up with.

    • Yes, and if you look at how SPAMHAUS has been established you will see that it is not less shady than what it pretends to protect you from.

      • I honestly don’t care about the history or ethics of spamhaus.org. If they offer information which is semi-credible then thats all that matters. For those that have issues with Spamhaus, there must have been something that sparked a debate when I mentioned their name.

        To me, its an information gathering link.

  10. sorry, my typing consists of all thumbs…its
    http://www.spamhaus.org = \

  11. He owns Redirect.com & TheParkingPlace.com as well

  12. Facebook has continued to offer better spam and other controls to their users. I’m surprised at the continuing improvement of their services.. Whether the privacy aspects of this are actually working in some instances will probably be less(or never) known.

  13. Good work within the perseverance and investigation to John. Preferably people who applied that registrar pertaining to vile functions can wilt and expire within the grape vine. Due to the fact ICANN’s head is flipped towards the direction of the dilemma, you might think they will furthermore research every other key gamers that may get handled under that legal.


Read previous post:
No Bail for Alleged Silk Road Mastermind

A federal judge has denied bail for Ross Ulbricht, the ? man arrested last month on suspicion of running the...

Close