The CNNIC (China Internet Network Information Centre) changed some of its domain registration rules. Now, applicants are required to submit a formal, paper-based application to a registrar that includes, among other things, a photocopy of the registrant’s identification.
At the time, some security researchers predicted the move would have the side effect of making Chinese domains less attractive for cyber-criminals seeking anonymity.
“This is the highest proportion of any TLD, with just under one-third of spammed domains,” Gavin Neale, an M86 security researcher, posted on the company’s Security Labs blog. The .com domain came in second
“Spammers generally advertise each domain for only a couple of hours and register new ones all the time,” Gavin Neale wrote. “In the last month from spam alone we have seen over 4,000 .ru domains registered through Naunet. These are hosting a variety of spam Websites, including Ultimate Replica, Dr Maxman, online casinos, Via Grow and Eurosoft Software.
“We have also seen over 1,800 domains registered through Reg.ru in spam over the last month, all of which lead to Canadian pharmacy Websites,” he continued. “Reg.ru actually has a feature to register up to 600 domains at once, pretty useful for a spammer.”
The rules for domain registration in Russia are similar to other areas of the world, Bradley Anstis, vice president of technology strategy at M86, told eWEEK. The Internet community could do itself a favour and mandate what the rules should be but the major issue is not the rules, it is enforcement.
“China has been trying to clean up its act, and good on them, they have made a change. The change is for the spammers to go back to where they used to be, Russia,” Anstis said. “They went to China because of very lax rules, or the complete lack of rules; also a lot of flexibility around automatically registering many domains at once and doing it programmatically. As China tightened all this up and start actually enforcing these rules, this change has been the result.
“This is perhaps an issue that the overall Internet community should take up. We need a consistent set of rules and accountability for the enforcement of those rules,” he continued. “Another example of a rule or policy that is very lax in certain geographies is takedown requests to hosting companies, or even registrars, and answers to any questions on the activities of the same.
“Think back a couple of weeks ago [to] the welcome news that Pushdo as a spamming botnet had been wounded with C&C server takedowns… but they were not able to take down 100 percent of the C&C servers. Why? Because requests for action went unanswered to some hosting companies and registrars and so they remained back online and the result is that Pushdo is back growing again.”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…