2009-04-09

Actions against registry services abuse – Report April 2009





The above in figures review the recent actions of Directi, in conjunction with HostExploit independent advice, taken to track down and stop abusive domain names and registrants from abusing Directi’s services.

Registrar Abuse
  • 8,506 domain names have been suspended that were either involved in abusive activity or registered by customers/registrants exhibiting persistent patterns of abuse.
  • These domain names (and/or their registrants) were involved in various types of abuse, such as spamming, phishing/spoofing, malware perpetration, child pornography, financial frauds and falsified ‘Whois’ information.
  • All other services utilized by any of these domain names have also been revoked.

Analysis

When suspending domain names on receiving complaints about their involvement in abuse, HostExploit is pleased to report that, Directi, while reviewing the complaints over the past few months, found certain trends:

  • Domain names registered with the same/similar contact information (name, address patterns)
  • Bulk registrations of domain names with a slight variation in the domain name e.g. 2008bases1.net, 2008bases2.net, 2008bases3.net, 2008bases4.net, 2008bases5.net …. by abusive registrants/customers
  • Same blacklisted name servers being repeatedly utilized.
  • Registrations in the same customer account involved in various forms of abuse
  • Based on these, we reviewed all domain names, first in the customer's account, then in the reseller's account and then across the databases.

An active list of directly suspended domains is available for down load from HostExploit.com

Note: HostExploit and Directi’s agreement to maintain cooperative collaboration to clamp down on spam and other forms of abuse on the Internet has and is continuing to work. HostExploit confirms that they are pleased to work directly with the Directi abuse desk in helping Directi identify any miscreants that maybe using Directi's services. The partnership includes sharing investigative processes and intelligence data on an ongoing basis. With the view on net-neutrality all actions are based upon ACM (Association of Computing Machinery) http://www.acm.org/about/code-of-ethics

We welcome any concerns or reports related to the abuse of Directi’s registry services forward to abuse(at)directi.com or admin(at)hostexploit.com.

Together with the community we hope to continue taking steps to make the Internet a better and safer place.