
#1 2008-08-29 6:51 pm

TeMerc

Two Interesting Reads: Cyber Crime & Who's Behind It

August 28, 2008
Introduction

In our continuing effort to shed light on the dark corners of the Internet we have produced this report on the Directi Group, a fairly large player in the Registrar world. We have highlighted their use of the controversial service PrivacyProtect.org, their association with EstDomains, their continued sponsorship of fake pharmacy domains, and their apparent ability to get Registrar accreditations for 48 Phantom Companies.


48 Phantom Registrars
KnujOn has found at least 48 ICANN-accredited Registrars that do not seem to exist. All of the Registrars in question are affiliated with the Directi Group (Directi, PublicDomainsRegistry, Answerable, LogicBoxes). Our attention was first brought to them when we released our report of the Ten Worst Registrars for illicit domains, spam, and false registrations. At the time, in some records Directi's address was listed as: "14525 SW Millikan #48732 Beaverton Oregon". Directi has since denied this and now disclosed its address as being in Mumbai, India. This prompted us to take a closer look at all the Registrars in Internic's (ICANN) directory affiliated with Directi and presenting themselves as being located in the United States. 8 Directi–affiliated Registrars list their address on the Internic Registrar Directory as: 14525 SW Millikan #48732 Beaverton Oregon

In examining the directory for the other 40 Directi-affiliated Registrars, we find an even more confusing address:

15 West 47th Street New York, NY 10036 Oregon
United States
+1-650-331-0716


The first line is obviously ambiguous with "Oregon" on the end of a New York address. An additional layer of confusion is added by the fact that "650-331-0716" is a San Mateo, California phone number. So, where are these companies? New York, Oregon, California or Mumbai? There is nothing wrong with having multiple business locations, but this fact is not disclosed on any of their websites or at Internic.

Next, we set out to verify if any of these companies were real. Because of the confusing addresses we researched the New York, Oregon, California and India business registries. None of the Directi-affiliated companies listed in the Internic Registrar Directory are real licensed companies:

  • Jumbo Name, Inc.
  • Your Domain King, Inc.
  • Fenominal, Inc.
  • Game For Names, Inc.
  • Ever Ready Names, Inc.
  • Find Good Domains, Inc.
  • Go Full House, Inc.
  • Instinct Solutions, Inc.
  • Name Perfections, Inc.
  • Need Servers, Inc.
  • Network Savior, Inc.
  • Power Carrier, Inc.
  • Power Namers, Inc.
  • Super Name World, Inc.
  • Tech Tyrants, Inc.
  • The Registrar Service, Inc.
  • Trade Starter, Inc.
  • Unpower, Inc.
  • Venus Domains, Inc.
  • Yellow Start, Inc.
  • Zone Casting, Inc.
  • Extend Names, Inc.
  • Extremely Wild Key Registrar, Inc.
  • Magic Friday, Inc.
  • Name To Fame, Inc.
  • Net Juggler, Inc.
  • Unified Servers, Inc.
  • Names Bond, Inc.
  • Specific Name, Inc.
  • Genuine Names, Inc.
  • Best Site Names, Inc.
  • Get Real Names, Inc.
  • Global Names Online, Inc.
  • Naming Associate, Inc.
  • The Names Registration, Inc.
  • Cool Ocean, Inc.
  • Names Real, Inc.
  • Big Domain Shop, Inc.
  • Colossal Names, Inc.
  • Click Registrar, Inc.
  • Cotton Water, Inc.
  • Crystal Coal, Inc.
  • Curious Net, Inc.
  • Domain Band, Inc.
  • Domain Mantra, Inc.
  • Platinum Registrar, Inc.

There is an expression that a company can "exist only on paper", but in this case we don't even have that.

Continued @ Knujon
=======================================================================

In a new study entitled "Atrivo - Cyber Crime USA", the authors have extensively tracked and documented ongoing cyber criminal activity from within the Internet servers controlled by the California-based Atrivo, and other associated entities. Atrivo is one of the Internet's Autonomous Systems and controls a large number of IP addresses, which web sites must use to reach consumers.

Produced by cyber crime researcher Jart Armin, in association with Matt Jonkman and James McQuaid, the first-of-its-kind Open Source Security study set out to quantify and continuously track cyber crime using numerous methods of measurement. It focuses specifically on the notorious Atrivo, which has been seen by many over several years as a main conduit for financial scams, identity theft, spam and malware. This study, although fully self-contained, is the first of a series of reports; on a monthly basis there will be a follow-up to report on the community response, the efforts of the cyber criminals to evade exposure, listings to assist in blocking the risks to Internet users, and hopefully efforts to stop them.

In addition to original quantitative research conducted by Armin, Jonkman and McQuaid, the study draws upon the findings of other research efforts, including StopBadware, EmergingThreats, Knujon, Sunbelt, CastleCops, Spamhaus, and many others. What emerges is a picture of a front for ruthless cyber criminals, who have specifically targeted consumers in the United States and elsewhere. The study provides hard data regarding specific current activity within Atrivo, explains how consumers are targeted, describes Atrivo's virtual network structure and organizational modeling, and cites Atrivo's collusive failure to respond to abuse complaints from 2004 to the present. The study includes three-dimensional charts, diagrams, and a YouTube video which make it easy to grasp the statistics or processes discussed.


RBN Exploit Blog

YouTube Vid
