IT.COM

warning Theft of Perl.com, a 1994 domain

Spaceship Spaceship
Watch
Impact
5,736
Perl.com, a 1994 domain name, has been reported as stolen and listed for sale on Afternic and possibly other marketplaces.

The thief's profile on Afternic, now deleted, indicates they are in the possession of other stolen domains:
  • Piracy.com
  • Chip.com
  • Patterns.com
  • Neurologist.com
  • FinPlan.com (new)
Fair warning, in case you are contacted to buy/broker these domains.
 
Last edited:
26
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Adding FinPlan.com to the list of stolen domains by the same criminal.
 
7
•••
Pathetic this still happens.

Thief needs to be exposed and prosecuted to full extent.
 
Last edited:
4
•••
How do they actually manage to steal such domains? Is it a lack of registrar security? Or some kind of email scam to obtain passwords to registrar accounts??
 
3
•••
This one appears to be via social engineering of registrar support and document forgery. Domain registrars should not ask for "paper" ids.
 
7
•••
Scary stuff .. I have a website with the word perl, hence why this thread caught my eye lol can the original owners of that domain not freeze it via icann? What can be done if a domain has been stolen in such a manner?
 
3
•••
Scary stuff .. I have a website with the word perl, hence why this thread caught my eye lol can the original owners of that domain not freeze it via icann? What can be done if a domain has been stolen in such a manner?
They could try, but it seems icann replies for that sort of things are relatively slow..
Another solution is through the registrar, they typically have access to a dispute resolution system. But you should probably get help from a lawyer if your domain was stolen (and it was worth it), just to be sure at least.
 
4
•••
amazing portfolio...

According nameservers Afternic knows who is an owner.
Key-systems have ip address logs

Domain:
chip.com

Registrar:
Key-Systems GmbH

Registered On:
1994-08-16

Expires On:
2026-08-15

Updated On:
2021-01-27

Status:
clientDeleteProhibited
clientTransferProhibited
clientUpdateProhibited

Name Servers:
ns1.afternic.com
ns2.afternic.com
 
Last edited:
4
•••
I nearly acquired finplan, too bad they backed out
 
4
•••
1
•••
I was informed that the current holder is in Moldova.

Adding another stolen domain to the list: AcneTreatment.com.
 
7
•••
Can't update the first post, so more info on the current list of reportedly stolen domains here.
 
2
•••
I wonder if they were stolen at gun point or could be, I suppose, negligence and poor opsec that facilitated their transfer to the new bearer. Any ideas?
 
Last edited:
0
•••
Can't update the first post, so more info on the current list of reportedly stolen domains here.
Mamas.com was also in his list which i was near to buy but i stopped after i investigated further first he set bin of 20000 euros then he changed to minimum offer 25000 euros..
now a days pvt purchases are way risky so i would suggest to investigate deeply before making any purchase
Thanks
Riz M
 
4
•••
How did these domain thefts steal domains from the rightful owners?

just wondering how did they do it.
 
0
•••
How did these domain thefts steal domains from the rightful owners?

just wondering how did they do it.
It takes negligence on the part of the registrant.

There are plenty of steps and options to secure a domain asset properly in addition to processes that delay or prevent an unauthorized transfer of a domain.

Ultimately, a domain name owner is responsible for more than just paying the fees annually. We all need to have proper opsec for our leased assets/ burdens and our digital houses in order.
 
Last edited:
2
•••
It takes negligence on the part of the registrant.

There are plenty of steps and options to secure a domain asset properly in addition to processes that delay or prevent an unauthorized transfer of a domain.

Ultimately, a domain name owner is responsible for more than just paying the fees annually. We all need to have proper opsec for our leased assets/ burdens and our digital houses in order.
is 2FA enough would you say?
 
0
•••
1
•••
3
•••
DNProtect.com by epik aims to solve this.

Sad it still happens.

Thank you, @Acroplex.
 
0
•••
Thats a tiny thief. We all know who the REAL THIEVES are!
 
1
•••
2
•••
Chronicles of the theft: The Perl.com editor Brian D. Foy kept an active log during the incident.

He released the timeline and overall experience in a testimonial worth reading. More info.
 
3
•••
is 2FA enough would you say?

2FA means absolutely nothing when the social engineering attack takes place through the registrar.

By going straight to the source, the domain thief totally bypasses all the security protocols you have created, and all that's needed is the scammer to convince the registrar CSR that he is you, and that "you" have lost your password/phone/ID/whatever and are in dire need of help.
 
3
•••
2FA means absolutely nothing when the social engineering attack takes place through the registrar.

By going straight to the source, the domain thief totally bypasses all the security protocols you have created, and all that's needed is the scammer to convince the registrar CSR that he is you, and that "you" have lost your password/phone/ID/whatever and are in dire need of help.
A CSR rep has such power to just move around domains?
 
0
•••
Back