The Great Domain Robbery of 05

Opinion: Not too long after ICANN changed the rules, a domain thief has stolen several domains. Have the new rules already failed, or have the registrars failed their customers?

A lot of people lost e-mail, access to Web administration and even their porno accounts over the weekend. Yes, it was a momentous and stressful couple of days.

Several domains were stolen, including panix.com, the home domain of Internet service provider Panix, the oldest ISP in the New York area (or so they say about themselves). This particular thievery is what raised most of the attention, because Panix customers who use a panix.com e-mail address stopped getting their mail.

According to this message on ICANNs message boards by George Kirikos, aem.com and f3.com (both of which, I think, are car-related sites), as well as xybererotica.com, appear to have been stolen as well. In fact, all three of these domains seem now to have the same whois data and point to the same Web site. Some serious traffic was diverted, and the new sites are spyware-infected. (Perhaps the old ones were too, I cant say.)

It may be the first great test of the response of ICANN and the domain registrar industry to a violation of their new policies implemented late in 2004. I expressed concern about these new policies at the time, but was reassured that one of the strengths of the new system was the well-defined mechanism for dealing with disputes.

But theres a good chance here that the central issue is not so much disputes between registrars but sloppy procedures at some registrars that allowed an unverified transfer through. Panix says on its home page (as of Monday morning, EST) that Melbourne IT, the Aussie registrar to whom the domain was illegitimately transferred, has reverted the domain back to them. This does indicate that there was no real dispute once Melbourne IT woke up Monday morning and realized what had happened. Incredibly, Melbourne IT, not a teeny company, has no support available over the weekend. The hijackers may have counted on this fact.

The motivation behind the ICANN rule changes was actually to streamline domain transfers between registrars. Some registrars (cough! Verisign! cough!) had a reputation for sitting on valid requests for transfers to other, almost certainly less-expensive registrars. The new rules create a presumption that the transfer will proceed after some period of time unless it is denied for some valid reason. The registrars still have to contact the owner of the domain, presumably through the whois records.

Next Page: Concern on two fronts.