NameSilo

Theft of Perl.com, a 1994 domain

Labeled as warning in Warnings and Alerts, started by Acroplex, Jan 28, 2021

Replies:
29
Views:
2,812

  1. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    Perl.com, a 1994 domain name, has been reported as stolen and listed for sale on Afternic and possibly other marketplaces.

    The thief's profile on Afternic, now deleted, indicates they are in the possession of other stolen domains:
    • Piracy.com
    • Chip.com
    • Patterns.com
    • Neurologist.com
    • FinPlan.com (new)
    Fair warning, in case you are contacted to buy/broker these domains.
     
    Last edited: Jan 28, 2021
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    Adding FinPlan.com to the list of stolen domains by the same criminal.
     
  3. Samer

    Samer Top Contributor VIP

    Posts:
    10,069
    Likes Received:
    19,224
    Pathetic this still happens.

    Thief needs to be exposed and prosecuted to full extent.
     
    Last edited: Jan 28, 2021
  4. robbie777

    robbie777 Established Member

    Posts:
    41
    Likes Received:
    14
    How do they actually manage to steal such domains? Is it a lack of registrar security? Or some kind of email scam to obtain passwords to registrar accounts??
     
  5. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    This one appears to be via social engineering of registrar support and document forgery. Domain registrars should not ask for "paper" ids.
     
  6. robbie777

    robbie777 Established Member

    Posts:
    41
    Likes Received:
    14
    Scary stuff .. I have a website with the word perl, hence why this thread caught my eye lol can the original owners of that domain not freeze it via icann? What can be done if a domain has been stolen in such a manner?
     
  7. Gube

    Gube 48hr.com VIP

    Posts:
    918
    Likes Received:
    1,432
    They could try, but it seems icann replies for that sort of things are relatively slow..
    Another solution is through the registrar, they typically have access to a dispute resolution system. But you should probably get help from a lawyer if your domain was stolen (and it was worth it), just to be sure at least.
     
  8. ReallyBigIdea.com

    ReallyBigIdea.com Established Member

    Posts:
    822
    Likes Received:
    729
    amazing portfolio...

    According nameservers Afternic knows who is an owner.
    Key-systems have ip address logs

    Domain:
    chip.com

    Registrar:
    Key-Systems GmbH

    Registered On:
    1994-08-16

    Expires On:
    2026-08-15

    Updated On:
    2021-01-27

    Status:
    clientDeleteProhibited
    clientTransferProhibited
    clientUpdateProhibited

    Name Servers:
    ns1.afternic.com
    ns2.afternic.com
     
    Last edited: Jan 28, 2021
  9. lambo.com

    lambo.com CryptoCorp.com VIP

    Posts:
    2,235
    Likes Received:
    4,690
    I nearly acquired finplan, too bad they backed out
     
  10. Mytz.com

    Mytz.com Top 4L [email protected] ieie.com CuTu.com NeSu.com QAMI.com PRO VIP Gold Account

    Posts:
    11,143
    Likes Received:
    1,212
  11. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    I was informed that the current holder is in Moldova.

    Adding another stolen domain to the list: AcneTreatment.com.
     
  12. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    Can't update the first post, so more info on the current list of reportedly stolen domains here.
     
  13. lambo.com

    lambo.com CryptoCorp.com VIP

    Posts:
    2,235
    Likes Received:
    4,690
    I wonder if they were stolen at gun point or could be, I suppose, negligence and poor opsec that facilitated their transfer to the new bearer. Any ideas?
     
    Last edited: Feb 1, 2021
  14. Riz M.

    Riz M. Founder @ Rooted.com Previously Empire Names VIP Gold Account

    Posts:
    7,298
    Likes Received:
    12,364
    Mamas.com was also in his list which i was near to buy but i stopped after i investigated further first he set bin of 20000 euros then he changed to minimum offer 25000 euros..
    now a days pvt purchases are way risky so i would suggest to investigate deeply before making any purchase
    Thanks
    Riz M
     
  15. SamQuino

    SamQuino Upgraded Member Gold Account

    Posts:
    713
    Likes Received:
    141
    How did these domain thefts steal domains from the rightful owners?

    just wondering how did they do it.
     
  16. lambo.com

    lambo.com CryptoCorp.com VIP

    Posts:
    2,235
    Likes Received:
    4,690
    It takes negligence on the part of the registrant.

    There are plenty of steps and options to secure a domain asset properly in addition to processes that delay or prevent an unauthorized transfer of a domain.

    Ultimately, a domain name owner is responsible for more than just paying the fees annually. We all need to have proper opsec for our leased assets/ burdens and our digital houses in order.
     
    Last edited: Feb 10, 2021
  17. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,878
    Likes Received:
    3,765
    is 2FA enough would you say?
     
  18. lambo.com

    lambo.com CryptoCorp.com VIP

    Posts:
    2,235
    Likes Received:
    4,690
    Yes, 2FA is a key step to take along with email address and strong password
     
  19. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
  20. Samer

    Samer Top Contributor VIP

    Posts:
    10,069
    Likes Received:
    19,224
    DNProtect.com by epik aims to solve this.

    Sad it still happens.

    Thank you, @Acroplex.
     
  21. Magul

    Magul Top Contributor VIP Gold Account ★★★★★★★★★★

    Posts:
    2,044
    Likes Received:
    949
    Thats a tiny thief. We all know who the REAL THIEVES are!
     
  22. DirkS

    DirkS DutchPirates.com VIP

    Posts:
    6,932
    Likes Received:
    5,783
  23. Acroplex

    Acroplex Top Member DomainGang.com PRO VIP ★★★★★★★★★★

    Posts:
    4,180
    Likes Received:
    2,572
    Chronicles of the theft: The Perl.com editor Brian D. Foy kept an active log during the incident.

    He released the timeline and overall experience in a testimonial worth reading. More info.
     
  24. DomainRecap

    DomainRecap Top Contributor VIP

    Posts:
    4,502
    Likes Received:
    3,604
    2FA means absolutely nothing when the social engineering attack takes place through the registrar.

    By going straight to the source, the domain thief totally bypasses all the security protocols you have created, and all that's needed is the scammer to convince the registrar CSR that he is you, and that "you" have lost your password/phone/ID/whatever and are in dire need of help.
     
  25. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,878
    Likes Received:
    3,765
    A CSR rep has such power to just move around domains?
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
biix
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...