Hello folks, welcome yet to another blog post here on the technology blog.
This post is going to talk about something that even got some discussion from someone on Twitter.
The article was of course written by Brian Krebs who is one of my favorite writers.
Freenom allowed for free registrations until recently. The article we’re referencing is titled Sued by Meta, Freenom Halts Domain Registrations.
Why would Meta, also known as Facebook, have anything to do with Freenom who doesn’t make any money on certain domains they register for free?
Here’s the thread that started it all.
BrianKrebs: New: Sued by Meta, Freenom Halts Domain Registrations.
The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta, which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains.
https://krebsonsecurity.com/2023/03/sued-by-meta-freenom-halts-domain-registrations/
Image 1: A chart from a report commissioned by the European Commission in 2021 ranking the top 10 TLDs most-abused by phishers. Freenom’s five free ccTLDs made up half the list.
It interested me so I responded. I wrote:
Jared Rimer: @briankrebs Looking forward in reading this. I have heard of these guys and they were mentioned in reports by Phishlabs and Trend Micro as abusive. Never used them.
Brian favorited this which is a good sign. It shows that someone is interested. I don’t expect a response, I know people like him are of interest.
What interested me was the conversation after my response.
notsureither :verified: :verified:: @jrimer2023 @briankrebs I used them back when I was young and broke (for legitimate purposes) and I can confirm that it’s a horrible service. They really do redirect your expired domains to pornographic sites, and the free domains can be registered with zero personal information.
I asked about TLD’s being sold. The response was probably not surprising, but quite interesting.
notsureither :verified: :verified:: @jrimer2023 .tk, .gq, .ml, and others
I remember seeing .tk for quite awhile. .hq I’ve seen recently as we’ve been fighting spam on the JRN. I told this person I got tons of crap from the .tk brand of domains so this wasn’t surprising.
While the conversation died from there, I did read this article that i linked above from Brian and it is an interesting one if you’re interested in domains.
The domain name registrar Freenom, whose free domain names have long been a draw for spammers and phishers, has stopped allowing new domain name registrations. The move comes just days after the Dutch registrar was sued by Meta, which alleges the company ignores abuse complaints about phishing websites while monetizing traffic to those abusive domains.
Here is more information that I gleaned from the article after the above brief conversation on Mastodon.
Freenom is the domain name registry service provider for five so-called “country code top level domains” (ccTLDs), including .cf for the Central African
Republic; .ga for Gabon; .gq for Equatorial Guinea; .ml for Mali; and .tk for Tokelau.
So … from this list, I’ve seen .cf domains, .tk domains, .ga domains and .tk domains.
More recently I’ve seen .hq domains emailing superior-software before i put a stop to that as that domain was forwarding to the route address on the account. You can chalk that up to user error.
Freenom has always waived the registration fees for domains in these country-code domains, presumably as a way to encourage users to pay for related services, such as registering a .com or .net domain, for which Freenom does charge a fee.
Apparently they were sued under Cybersquatting rules and of course phishing their users. Links to cybersquatting and phishing are in the article.
“The five ccTLDs to which Freenom provides its services are the TLDs of choice for cybercriminals because Freenom provides free domain name registration services and shields its customers’ identity, even after being presented with evidence that the domain names are being used for illegal purposes,” the complaint charges. “Even after receiving notices of infringement or phishing by its customers, Freenom continues to license new infringing domain names to those same customers.”
So … we can see that they really don’t care about abuse complaints? Can we put them under the umbrella of providers who ignore complaints? We call them bullet proof hosters.
podcast 127, blog post asking how bad it can get and preview of podcast 127
Freenom has not yet responded to requests for comment. But attempts to register a domain through the company’s website as of publication time generated an error message that reads:
“Because of technical issues the Freenom application for new registrations is temporarily out-of-order. Please accept our apologies for the inconvenience. We are working on a solution and hope to resume operations shortly. Thank you for your understanding.”
The typical request for comment paragraph, right? Should be surprised on this one?
Technical issues? Or the fact you’re forced to deal with the fucking problem that you’ve been ignoring for years and you’re being slapped with a suit that you now have to deal with? I don’t buy the technical problem bullshit of your above paragraph. I completely call bull shit on this one paragraph. Good reporting, Brian.
Although Freenom is based in The Netherlands, some of its other sister companies named as defendants in the lawsuit names are incorporated in the United States.
The original suit was filed late 2022 and sealed but the seal was denied. At the time of publication of this article, Meta amended and refiled this suit the prior week.
“On information and belief, one or more of the ccTLD Service Providers, ID Shield, Yoursafe, Freedom Registry, Fintag, Cervesia, VTL, Joost Zuurbier Management Services B.V., and Doe Defendants were created to hide assets, ensure unlawful activity including cybersquatting and phishing goes undetected, and to further the goals of Freenom,” Meta charged.
So this goes under the Bullet Proof Hosting moniker then? No wonder I smelled bull shit. See podcast 127 for our talk on bullet proof hosting and at least one article on it in the section above.
It remains unclear why Freenom has stopped allowing domain registration, but it could be that the company was recently the subject of some kind of disciplinary
action by the Internet Corporation for Assigned Names and Numbers (ICANN), the nonprofit entity which oversees the domain registrars.
Icann also did not respond for requests to comment for the story, although they aren’t necessarily to blame.
Again, the article is titled Sued by Meta, Freenom Halts Domain Registrations and I hope you enjoy this one. Have fun!
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.