Report Uncovers Online Roid Rage

Illegal steroid sales are still all the rage online in the U.S.A.

While sports officials on all levels continue their push to drive anabolic steroid use out of athletic competition, lawmakers have apparently been unable stop online sales of the illegal performance enhancers.

A new report published by LegitScript.com, an online pharmacy verification service, and spam researchers with KnujOn.com, discovered some 156 individual web sites that are actively distributing roids.

“None of the steroid web sites we reviewed required a prescription, and none used any sort of age verification service,” John Horton, president of LegitScript said in a report summary. “Studies indicate that youth and young adults are the most at risk for illicit steroid use, and these web sites are just a fraction of those we identified selling these drugs.”

The report also found that every one of the needle-pushing URLs involved were registered with eight domain name registrars, all of whom are located in the United States.

In most cases, the parties behind the sites have used anonymous registration services — services that many security researchers have named as a root cause of the continued proliferation of online cyber-crime. In all the other cases involved the registered parties are located outside of U.S. borders.

And despite the fact that every U.S.-based registrar can terminate services if a customer is breaking the law, and the fact that LegitScript and KnujOn officially requested that each steroid site be taken offline close to one month ago, the lion’s share remain in business today.

“So far, most of the web sites are still active,” Garth Bruen, president of KnujOn, said in the report. “This is a big problem, and it’s important that the domain name registrars terminate access to these sites.”

In the case of malware-infected sites tracked by research groups such as Harvard Law School’s Stopbadware.org, public identification of the companies in such reports has helped encourage some registrars to begin enforcing their rules more strictly and push much of the illegal activity off of U.S. soil.

We’ll see if researchers and lawmakers can have the same effect with online steroid sales.

Paging Sen. McCain, paging Sen. Obama?

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.