Cybercrime

Cybercrime / Recently Commented

WIPO Snafu Over britishmuseum.org Case?

WIPO just published a decision regarding the domain dispute over the britishmuseum.org domain name. At first glance, everything seems alright. The world famous British Museum won in a default judgment as the current registrant (the respondent) never replied). However, drill a little deeper and something is amiss. The "parties" section of the case lists the respondent as "British Museum Resources, Limited, West Bay, George Town, Kentucky, United States of America." more

New Wave of Illegal Activity Breed of So-Called P2P Worm

Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace.

Security experts have predicted over the last several years that botnets of hijacked PCs would pose one of the staunchest challenges faced by the IT community as criminals discovered new ways to use them to deliver attacks. more

Microsoft Investigating Windows DNS Server Attacks

Microsoft is investigating attacks exploiting a vulnerability in the Windows Server Domain Name System Service, as well as two types of hacks targeting Vista's OEM BIOS activation feature... "Our investigation reveals that this vulnerability could allow a criminal to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM," a Microsoft spokesperson said. more

Microsoft Launches Court Actions Against Cybersquatters

Microsoft is launching a string of court actions in the United States and Europe against cybersquatters, the Financial Times reported on Wednesday.

"Cybersquatting is a growing problem for brands around the world and we hope to educate other brand holders and encourage them to take action," Aaron Kornblum, a senior Microsoft lawyer, told the business daily. more

Cybersquatting Cases Rose 25 Percent Last Year, Says WIPO

The U.N. copyright agency (World Intellectual Property Organization) that arbitrates more than half the world's "cybersquatting" cases saw a 25 percent increase in complaints last year. WIPO received 1,823 complaints in 2006 alleging abusive registrations of trademarks as Internet domain names. more

ICANN Releases DNS Attack Factsheet Concerning Recent Attacks

ICANN has released a factsheet concerning the recent attack on the root server system on 6 February 2007. The factsheet is intended to provide an explanation of the attack for a non-technical audience and hopes to enlarge public understanding surrounding this and related issues.

Aside from covering the attack itself and the engineers' response to it, the factsheet also briefly reviews the root server system, the domain name system, Anycast technology, and what can be done in order to deal with such attacks in future. The fact sheet can be downloaded here [PDF]. more

Cybersquatting and Geopolitics Heats Up

Cybersquatting is so 2000, or so we thought. The Uniform Dispute Resolution Policy (UDRP) at WIPO has been chugging along for several years now, methodically determining if complainants IP rights have been violated and reassigning "ownership" of domain names. Typically, the cases are fairly boring. But some recent developments in the world of 800 lb search gorillas, Google and Baidu, suggests that the regime could be faced with substantial pressure in the near future. more

Anti-DNS Google Desktop Attack Reported

Google's PC search software is vulnerable to a variation on a little-known Web-based attack called anti-DNS (Domain Name System) pinning, that could give an attacker access to any data indexed by Google Desktop, security researchers said this week.

...Anti-DNS pinning is an emerging area of security research, understood by just a handful of researchers, said Jeremiah Grossman, chief technical officer at WhiteHat Security. more

Researchers Say Attackers Can Hit Home Routers

If you haven't changed the default password on your home router, do so now. That's what researchers at Symantec and Indiana University are saying, after publishing the results of tests that show how attackers could take over your home router using malicious JavaScript code.

...In tests, the researchers were able to do things like change firmware and redirect a D-Link Systems DI-524 wireless router to look up websites from a DNS server of their choosing. more

Phishing Attacks Surpass Viruses and Trojans

Phishing attacks have outnumbered emails infected with viruses and Trojan horse programs for the first time, according to security experts.

...The difference in the ratio of phishing to virus attacks is partly due to virus attacks becoming more targeted and no longer occurring as one large outbreak. This includes the recent Storm Worm and Warezov attacks, according to MessageLabs. more

Top Domain Name News Stories of 2006

Record-breaking domain sales, acquisitions, and growing industry credibility all highlight a critical year for the domain name industry. The domain name industry had a heck of a year. It's impossible to rank the top news stories of 2006, but I'm going to make an attempt... Let's talk about it before the end of the year; then let's look forward to a fantastic 2007. more

Domain Name Arbitration Disputes on Rise

Internet domain name arbitration disputes have risen by more than a quarter since January 2005 -- despite the expansion of generic top-level domain addresses like .biz and .info -- as cybersquatters find more sophisticated ways of encroaching on legitimate Web sites.

...Typosquatting, a form of cybersquatting that involves capturing another company's Web traffic by registering misspelled versions of a well-known Internet site or brand name, is driving much of the growth in domain-name disputes, according to intellectual property lawyers. more

Microsoft Launches New Offensive Against Cybersquatters

Microsoft on Tuesday launched a new offensive against cybersquatters who allegedly gain illegal profits from thousands of Web sites, such as WindowsLiveTutorial.com and HaloChamp.com, that include the company's trademarked names.

Redmond filed three lawsuits in federal court this week claiming that some Web site operators have registered and operate hundreds of domain names with the sole purpose of reaping "bad faith" profits and in violation of federal and state laws. more

Europe Must Reboot its Fledgling .EU Domain Name

Europe must reboot its fledgling domain name to avoid a system crash, critics say, after alleged missteps allowed cybersquatters to stockpile trademarks for auction.

...Diana Wallis, a British liberal European Parliament member on the body's legal affairs committee, has asked the Commission to give a "full explanation of how the .eu domain allocation has been handled."

"If the scale of the abuse is anything like what appears to have taken place, this will represent a major EU scandal and commissioners will need to be brought to account," she said. more

In Rem Domain Name Proceeding: Sometimes "may" Means "must"

Investools, Inc. recently filed an in rem domain name proceeding against a Canadian entity that registered the domain names investtools.com and investtool.com. In rem domain name proceedings are provided for under the Anticybersquatting Consumer Protection Act ("ACPA"), 15 U.S.C. 1125(d), and are a handy way for a trademark owner to acquire a domain name from a cybersquatter when the cybersquatter can't be found e.g., is located outside the U.S. ...The ACPA requires that a plaintiff demonstrate four things to establish in rem jurisdiction over a domain name... more