Posts Tagged: ICANN

A Little Sunshine / Pharma Wars / The Coming Storm25 Comments
12
Mar 12

Half of All ‘Rogue’ Pharmacies at Two Registrars

Half of all “rogue” online pharmacies — sites that sell prescription drugs without requiring a prescription — got their Web site names from just two domain name registrars, a study released today found. The findings illustrate the challenges facing Internet policymakers in an industry that is largely self-regulated and rewards companies who market their services as safe havens for shadowy businesses.

Source: LegitScript

There are about 450 accredited domain name registrars worldwide, but at least one-third of all active rogue pharmacy sites are registered at Internet.bs, a relatively small registrar that purports to operate out of the Bahamas and aggressively markets itself as an “offshore” registrar. That’s according to LegitScript, a verification and monitoring service for online pharmacies.

LegitScript President John Horton said the company began to suspect that Internet.bs was courting the rogue pharmacy business when it became clear that the registrar has only two-tenths of one percent of the market share for new Web site name registrations. In a report (PDF) being released today, LegitScript said that a separate analysis of more than 9,000 “not recommended” pharmacies compiled by the National Association of Boards of Pharmacy suggested that Internet.bs is sponsoring nearly 44 percent of the Internet’s dodgy pill shops.

Asked whether he was concerned about allegations that his firm was targeting an industry that seeks out registrars who turn a blind eye to questionable businesses, Internet.bs President Marco Rinaudo replied that, on the contrary, LegitScript’s report was bound to be “excellent advertising for our company.”

Reached via phone at his home in Panama, Rinaudo said he was under no obligation to police whether his customers’ business may be in violation of some other nation’s laws, absent clear and convincing evidence that his registrants were operating illegally from their own country.

“Even though I understand they could bother some pharmacy lobby, if an industry likes us, what’s the problem with an online pharmacy, as long as they are operating legally from their own country?” Rinaudo asked. “We cannot accept pressure to shut down a legitimate business just because it is not pleasing to some political lobbying group. We and I personally make sure that all the domains that are in breach of an applicable law and for which we receive a complete report, will be acted on the same day.”

Continue reading →

A Little Sunshine / Security Tools6 Comments
8
Mar 11

WHOIS Problem Reporting System to Gain Privacy Option

A system that allows anti-spam activists to report entities that bulk-register domain names using false or misleading identity data is about to gain a much-needed new privacy feature: The option for activists not to expose their identities to the very spammers they’re trying to report.

The Internet Corporation for Assigned Names and Numbers (ICANN), the organization that oversees the Internet’s domain name system, runs a program called the WHOIS Data Problem Reporting System (WDPRS). It’s designed to allow Internet community members to alert registrars about customers that list incomplete or inaccurate contact records for domain registrations.

The policy of requiring registrars to make WHOIS data publicly searchable is no doubt a contentious one, but the reality is that spammers and scammers frequently bulk register large numbers of domains in one go, and tend to take their business to registrars that don’t ask too many questions. Indeed, some domain registrars have built a business out of catering to spammers and scammers.

In many cases, spammers will mass-register domains using completely bogus contact information, or — as appears to have been the case with hundreds of domains that were used recently in an attack against KrebsOnSecurity.com — with the contact information belonging to people whose stolen credit cards were used to fraudulently register the spammy domains.

Some anti-spam activists have pursued bulk registrants with false WHOIS data because, under ICANN’s rules, registrars are supposed to investigate and eventually suspend domains whose owners fail to respond to requests to verify or correct false WHOIS data. And in direct response to a massive influx of reporting on these domains by such activists, ICANN built the WPDRS.

But at some point, ICANN began sharing the names and email addresses of people who were reporting the erroneous WHOIS information with the registrars for each offending domain, exposing the identities of any anti-spam activists who used their real contact information in reporting the issues to ICANN.

Continue reading →

A Little Sunshine / Web Fraud 2.054 Comments
21
Oct 10

Pill Gangs Besmirch LegitScript Founder

Individuals who normally promote unlicensed, fly-by-night Internet pharmacies recently registered hundreds of hardcore porn and bestiality Web sites using contact information for the founder of a company that has helped to shutter more than 10,000 of these Internet pill mills over the past year, KrebsOnSecurity.com has learned.

The reputation attack is the latest sortie in an increasingly high-profile and high-stakes battle among spammers, online pill purveyors and those trying to shed light on their activities. Around the same time that these fake domains were registered, KrebsOnSecurity.com came under a sustained denial of service attack that traced back to Russian pill gangs.

In the third week of September, hundreds of domains were registered using the name, phone number and former business address of John Horton, founder of LegitScript, an Internet pharmacy verification service. The domains, many containing the word “adult,” all redirect to a handful of porn and bestiality sites (a partial list is available here, but please tread lightly with these sites because they are definitely not safe for work and may not be safe for your PC).

The sites were registered just days after LegitScript finalized a deal with eNom Inc., the world’s 5th-largest domain name registrar. At the time of that agreement, roughly 40 percent of the unlicensed online pharmacies selling drugs without requiring a prescription were registered through eNom, according to Horton.

Since then, many affiliates who promote pill sites via online pharmacy affiliate programs have been scrambling to move their domains to other registrars, with varying degrees of success.

Continue reading →

A Little Sunshine45 Comments
26
Aug 10

White House Calls Meeting on Rogue Online Pharmacies

The Obama administration is inviting leaders of the top Internet domain name registrars and registries to attend a three-hour meeting at the White House next month about voluntary ways to crack down on Web sites that are selling counterfeit prescription medications.

The invitation, sent via e-mail on Aug 13 by White House Senior Adviser for Intellectual Property Enforcement Andrew J. Klein, urges select recipients to attend a meeting on Sept. 29 with senior White House and cabinet officials, including Victoria Espinel, the Obama administration’s intellectual property enforcement coordinator.

“The purpose of this meeting is to discuss illegal activity taking place over the internet generally, and more specifically, voluntary protocols to address the illegal sale of counterfeit non-controlled prescription medications on-line,” the invitation states.

Continue reading →