Research Blog - Research

Beginning of the end for EstDomains

November 3, 2008 by Hunter King

Filed under General category.

If you’re a hacker wanting to register a domain for nefarious purposes, EstDomains is your go-to guy. They registered tens of thousands of malicious domains during their existence, providing an integral piece of the malware lifecycle. The Russian Business Network (RBN) used them extensively for their “bullet proof” hosting (web hosting designed to make takedowns extremely difficult if not impossible). Back in February of this year Vladimir Tsastsin, EstDomains founder, was sentenced to three years in prison for forgery, money laundering and credit card fraud. This conviction caused EstDomains to break section 5.3 of ICANN’s Registrar Accreditation Agreement. This section states:

Any officer or director of [a] Registrar is convicted or a felony or of a misdemeanor related to financial activities, or is adjudged by a court to have committed fraud or breach of fiduciary duty, or is the subject of judicial determination that ICANN deems as the substantive equivalent of any of these; provided such officer or director is not removed in such circumstances.

On October 28th, ICANN notified EstDomains that on November 12th, 2008, it would no longer be an accredited registrar. ICANN has posted this notice here: http://www.icann.org/correspondence/burnette-to-tsastsin-28oct08-en.pdf

EstDomains is currently attempting to distance themselves from Tsastsin in an attempt to stay in business. They responded to ICANN claiming Tsastsin was removed from his position in January one month before his conviction on the 29th: http://www.icann.org/correspondence/poltev-to-burnette-29oct08-en.pdf

Due to this response October 29th ICANN stayed the termination process:
http://www.icann.org/en/announcements/announcement-2-29oct08-en.htm

Hopefully ICANN will make the right decision and shutdown these criminals for good.

This entry was posted on Monday, November 3rd, 2008 at 2:44 pm.

Share This Information | Beginning of the end for EstDomains

SlashDot |

del.ico.us |

Digg it |

Technorati |

Other SecureWorks Blog Categories:

General (24)

Links (7)

Phishing (3)

Research (61)

Spam (1)

Trojans (4)

Next Steps
	Request More Information Now
	Call Us Today 877-905-6661

Next Steps

Request More Information Now

Call Us Today
877-905-6661

SecureWorks Authors
Beau Woods (1) Ben Feinstein (12) Bow Sineath (1) Counter Threat Unit (2) Daniel Peck (4) David Wharton (2) Dennis Dwyer (3) Don Jackson (5) Erik Petersen (4) Hunter King (3) Joe Stewart (15) Jon Ramsey (5) Matt Anthony (4) Melinda Rosario (1) Nick Chapman (8) Sean Caulfield (3) Stacy Shelley (7)

SecureWorks Authors

SecureWorks Blog Topics
General (24) Links (7) Phishing (3) Research (61) Spam (1) Trojans (4)

SecureWorks Blog Topics

General (24)
Links (7)
Phishing (3)
Research (61)
Spam (1)
Trojans (4)

Search Our Blogs
Popular Tags asprox asprox botnet bgp black hat botnet botnets cache poisoning clickjacking convention ctu cybersecurity defcon disclosure dns dns vulnerability domains email firewalls gmmiv hacking ids/ips intrusion detection intrusion prevention malware mit students pci dss Phishing protected speech protocol rbn russia sami scam security research Spam sql sql attacks sql injections SSH ToorCon trojan vulnerability web application firewalls web apps worm

Search Our Blogs

*Your Name:
*Your Email:
*Their Name:
*Their Email:
Comments:

Beginning of the end for EstDomains

November 3, 2008 by Hunter King

Next Steps

SecureWorks Blog

Send to a Friend

Info Request

Newsletter Signup

Beginning of the end for EstDomains

November 3, 2008 by Hunter King

Next Steps

SecureWorks Blog

Send to a Friend

Info Request

Newsletter Signup

Popular Tags