Following up on my last post, after filing a complaint with the abuse department of privacyprotect.org (and blogging about the problem), I have just received an update noting that:
On investigating on your complaint , we have determined that the domain name “SPYWARESAFE.NET ” is in violation of the terms of usage of the Privacy Protect service. We have therefore,
- disabled the Privacy Protect service for the domain name, such that it now displays the putative contact details of the domain name holder, and
- notified the sponsoring Registrar about the complaint, who shall act upon the complaint in accordance with their policies.
For any further updates on this matter, you can contact ESTDOMAINS, INC. , the sponsoring Registrar for “SPYWARESAFE.NET”.
We are extremely particular about preventing misuse of our services in any manner. Should you encounter any other such instances, please feel free to notify us immediately.
It’s interesting to note how a little exposure, combined with an email pointing out that the privacy protection is in direct violation of the service terms, gets some gears in motion. Don’t expect though to get complete verifiable details on the domain owner… The known issue with whois data is not limited to hideouts such as privacyprotect.org, but to the entire scheme of how domain registration works, and the accountability (or lack of) of the registrars to make sure that the details of domain owners are at least somewhat relevant. As you can see from the below data, trying to find a “Pavel” that lives in Russia, is like trying to find a “Mohammad” in Saudi-Arabia, or a “Mr. Smith” back in the states…
Registration Service Provided By: ESTDOMAINS INC
Domain Name: SPYWARESAFE.NET
kremlin st. 1
Creation Date: 05-Dec-2007
Expiration Date: 05-Dec-2008
At least the onion is starting to peel off and maybe hopefully law-enforcement can get better details on the owner, or work with the registrar to track him/her down.
Off to Amasterdam now – see you in BlackHat EU (Friday the 28th, track 2, 10am)!