Discussion in 'Warnings and Alerts' started by TheLegendaryJP, Sep 12, 2016 at 4:04 PM.
I will share this thread in WeChat.. I think there r members fr 4.cn
Your post has been read by several Chinese domainers/community and
Eva Wang from DN.com will label these as stolen names in their database.
Thank you NYK
YOU GUYS ROCK = What a big job but I looked at every domain I have...
Check your wallets people
a good thread about only that on namepros can be good enough for that.
it gets easily indexed into google searches etc.
like a showcase thread for an extesion or niche.. except for stolen domains
Superb idea! I would follow it.
saw this on that domen forum dot net site. posted by mattNetsol.
Posted by Bassta https://domen forum/images/buttons/viewpost.gif
From 4N currently have:
7576.com month ago 2755.com sold for $ 48K
Stasik steal domains is bad. We have already filed a complaint with the Department To carry out the fight against computer crime, is now apply to the police in Magnitogorsk. Also, I believe the Federal Tax Service will be very interesting to look at your bank account, but that is a secondary matter.
Oh schuckz! he's in trouble now! they've brought in Magneto from X-men!
Great stuff, my hope is they give him some Russian style justice, his brazenness is sickening.
a few years in a Siberian Gulag will do nicely!
The TAKE AWAY from this story is make sure to change your password regularly. even better never access your registrar via Mobile or at the very least use Mcafee's Password Storage app that generates a highly encrypted password for any site you enter from your desktop and keeps yours passwords in an encrypted file.
btw STANISLAV KHRAMOV the thief is starting to move names to a Russian registrar Reg.ru 2517.com for example but never fear it doesn't matter where they are, they can be recovered. We have contacted the owners of that rar and I suggest everyone who reads this thread emails them too to complain and link this thread.
Email/Contact/Phone especially Russian speakers and let them know STANISLAV is a thief!
Registrant Name: Alexey Korolyuk
Registrant Organization: Domain name registrar REG.RU
Registrant Street: Domain names registrar REG.RU, house 3, Vassily Petushkov str.
Registrant City: Moscow
Registrant State/Province: Moscow
Registrant Postal Code: 125476
Registrant Country: RU
Registrant Phone: +74955801111
Registrant Phone Ext:
Registrant Fax Ext:
Registrant Email: [email protected]
You guys are doing a public service. Hope that guy gets what he deserves.
Here's a thought and it's something I've asked on NP and never got a reply. After reading this thread. Anyone ever get the "Feeling" the you registered or bought a specific domain but since you have so many you can't keep track?
You read threads on NP about a niche you are following. Then you think hmmm what did I have in that niche? oh yea! I remember regging blahblahblahvr.com then you check it's not in your account. then you check the whois. and it's owned by someone else.
and you check the date. it was registered years before.
could these thieves like this guy brute force a domainers registrar account and cherry pick certain domains and take it out the account without and record even of a transfer? and then somehow "fudge" the whois data to make it look like it was registered years before?
maybe I'm just being paranoid but you can't be too paranoid these days. anything is possible. if they can hack the NSA. trust me they can hack anything if given enough motivation.
To answer in short, no all transfers recorded, they cannot play with dates in whois. They can photo shop what they want but the recorded whois data, no.
As far as brute force your account, sure they can and they do, I am sure it is one of the ways our thief here works that and many other ways.
thanks for the heads up JP...
I will try to call him later today. But I guess the owner is already aware (mattNetsol at domen forum who posted about filing a police complaint). Anyway, I'll give a call just in case the domains were stolen from different people.
It's also interesting that Stanislav (username Bassta at domen forum) who is suspected to be a theif here, said on that Russian forum that he had bought those domains from someone for a low price (no proof of purchase provided though). So, he might not necessarily be a real thief, just someone who bought those domains despite the fact he knew (or at least must have suspected because of low price) that they were stolen. He registered at that forum in 2006 and sold good domains back in 2013 and earlier, so he has some reputation there. But I guess xxx,xxx$ numbers he is talking there about can make miracles. It's up to police to investigate now.
There is no doubt he is the thief, you do not buy 20+ stolen domains from 20 different people within 18 months and expect us to believe on top of that nearly improbable scenario you have no real proof of paying anyone because bitcoin.
One stolen name, maybe even a few from the same seller but not 20+ all owned by different people, this guys lies lack creativity and insult intelligence.
Keep in mind as he flips the stolen domains I have seen where he does buy with the ill gotten gains.
Any way appreciate the calls to the reg.ru rar and reporting this guy.
another way to protect yourself from domain theft is to use 2 factor authentication and have your domains monitored by a service like domaintools.com
When someone unlocks your domain the service will send you an email. Then you could contact the registrar to have them cancel the transfer.
I get your point. But in my opinion it still doesn't prove that the guy (Stanislav aka Bassta) is the real thief. He might have bought all those domains from the same thief who stole domains, and then resold. Surely doing this continually and closing eyes on the origin of the domains can be considered as being a companion in crime. I think it's the case. Let's hope police will be able to investigate it
I don't really see how this may help. If a thief wants to transfer a domain from your account, he will have to have an access to your email account to confirm it. Unless you indicate a different email for domain unlocking notification.
Believe me there is no doubt he is the thief, he goofed up on names that he stole where he didn't move them twice (he likes to do this often) to try and cover his tracks or lie about origins. Secondly several rar's now know his IP address and it matches the IP that has illegally accessed the victims of his crime. You cannot see an IP access a victims account and two registrars later be the same IP and not be the thief! He thinks he is smart but the evidence of your tracks are clear online, he IS the thief, no doubt. And in the coming week(s) hope to report another name has been recovered.
There is no debate here and secondly he never even uses the excuse he bought them from a thief unknowingly as an excuse, he is very smart and incredibly sloppy at the same time because he doesn't care, he is highly immoral.
No doubt Stanislav is a thief, none, zero, zilch, nada, zippo, he's a thief!
Thanks for more details! With the IP information you mentioned it's getting much more clear. I will definitely contact the administrator of the Russian forum and post your info there. Also call the reg.ru and the owner. (a bit later)
Specially registered here to answer your questions idiots on:
1. Yes, I actually bought these domains in Russian forum, I bought a one person, and the payment is directly spent on the credit card. In Russia we can do so, we have the concept of escrow
2. These domains are held by me at least half a year and what do you think I am a complete idiot just put my data in domains whois? No. During all this time, no complaints for a single domain is not reported
About domain 1371.com:
I bought it in November 2015, I do not remember. I first moved to its registrar name.kom, there allegedly received a complaint from the owner:
I can answer the following, firstly I met with the owner first sells the domain, and then after a while says that the domain registrar allegedly was stolen and asked to return the domain back. If the buyer from another country and even more so if it is not paid through escrow is not possible to prove the purchase, ie the seller return the domain, and it remains with the money and the domain.
I wrote about this to the manager Name.com, And he said that if the seller can prove that the domain name really was stolen from him and not what he sold it, I agree to return to his domain. The man could not prove anything, and then provide any documents.
Here is a screenshot of correspondence with the Department of Abuse Name.com:
You idiots, you have created an artificial problem and now clucking over it. None of these domains has not been a single complaint, all the time. And yes, I am always ready to return to the legal owner of the domain, if it does prove that the domain was stolen, not the fact that he sold it and wants to return back.
And yes, no registrar will not block domains, without evidence or a court decision. Do you now there is no evidence on any domain !!!
If there is - show. So far, all that you say and then prove that I am a thief, all these words without evidence!
You say that you know the IP address, and they are the same? We first prove that it is my IP address and what I went and stole these domains! Be able to work with facts and not with words, and do not believe what you are trying to prove the words! So far, all that you have - it's just empty words!
I meant you use a monitoring service that is not from the registrar and that uses a different email.
I think the best thing is to use several email aliases(WHOIS, contact, registrar, monitoring etc.) and have them forwarded to your main email address.
Personally I would avoid using your primary email address in WHOIS. You are making yourself a much easier target by giving a potential attacker this information.
I have the perfect name if anyone wants to build it out
Separate names with a comma.