The ongoing saga of the domain owner of Lightly.com, which is currently a stolen domain, prompted us to research similar domain thefts.
In a case from June 2013, the domain name 8si.com was hijacked from a GoDaddy account, and was moved to the Chinese registrar, ename.com.
If it sounds familiar, it’s because the Lightly.com case matches both losing and gaining registrars.
The owners of 8si.com posted their plight over a year ago, stating:
“Our domain name 8si.com, which we have held for over 12 years and conducted business with established clients has been stolen. According to GoDaddy.com, someone used our account to transfer our domain name to another registrar. Our email alerts simply show an account contact change and subsequent domain name deletion. I still doubt whether it is a manual activity transfer that occurred with GoDaddy or malicious code that penetrated their system that resulted in this theft.”
Seems like exactly what happened to Lightly.com! And the 8si.com owner continues:
“GoDaddy had said they will try to recover our domain name from eName Technologies, in acknowledgment of the unauthorized transaction. Before they could do so, they needed proof that we are the domain registrant by providing personal and corporate identification. I complied in full, sending necessary documentation. In three weeks, I received zero to non-substantive updates from GoDaddy. They limited the means of communication to an e-mail address, transferdisputes@godaddy.com and ensured responses obscured the identity of GoDaddy representatives by refusing to disclose contact surnames. This week GoDaddy simply gave up after much follow up on our part, informing us that eName Technologies refused to transfer back the domain. My requests for details of actions and steps they undertook to recover the domain name were left unanswered. “
More matching circumstances: 8si.com was then listed for sale on the Chinese domain auction marketplace, 4.CN.
In fact, the 8si.com owner takes his research a step further, emphasizing how ename.com is not just another simple registrar, it’s also a domain auction platform:
“EName Technologies Inc. is not your typical ICANN domain registrar. It is a Chinese front for auctioning domain names. I liken this registrar to be in the same line of business as the “Cash for Gold” stores that have recently sprouted in our cities, pawning loose jewelry for cash. Small wonder why we see a sudden rise in break-ins in our neighborhood. This business model encourages the type of lawlessness in domain hijacking we see today by giving thieves a forum for selling stolen goods. It is in many ways not different than a virtual marketplace for domain-napping and ransom.”
Why is it so difficult for the losing registrar – GoDaddy, in these cases – to present the valid info of ownership, logging IPs, credentials and police reports to the gaining registrar – ename.com in these cases – and reclaim the domain without much hassle?
We are keeping an eye on the stolen domain name, Lightly.com; for the full case and documents regarding the theft of 8si.com click here.
Wanted to ask have there been any reported thefts from people that have had two way authentication enabled on their GoDaddy accounts? If theifs have figured a way around that then I think its about time to move to another registrar for me.
Corey – As far as I know, the two factor authentication is utilized not only upon logging in, but when contacting support over the phone (they will send a text to your phone.) In the case of Lightly.com it was *not* enabled.
I have many examples of registrar thefts, if you’d like more examples to research. Any assistance to right these unfair wrongs to legitimate domain owners, would be appreciated.
Specifically, for example, three domains were taken from my enom account, listing them still as in my account until I renewed them, along with twelve others also due the same dates, at which point I learned two had been sold through enom’s sister auction company, and the third, an active clients domain, put into redemption, with a $120 ransom. Enom had no time or care to discuss, let alone research or return my property to me.
Help?!?
R Gem – Sure, email us directly with details. Check the ‘About Us’ page for contact info. Thanks!