[ISN] FC: More on hoopla.com domain reportedly stolen via fax to Verisign

From: InfoSec News (isnat_private)
Date: Tue Apr 16 2002 - 00:29:42 PDT

  • Next message: InfoSec News: "Re: [ISN] UMass computer scientist offers a new way to track internet vandals"

    ---------- Forwarded message ----------
    Date: Sat, 13 Apr 2002 09:24:51 -0700
    From: Declan McCullagh <declanat_private>
    To: politechat_private
    Subject: FC: More on hoopla.com domain reportedly stolen via fax to Verisign
    From: adminat_private (admin)
    To: <declanat_private>, <twinsetat_private>
    Subject: RE: Domain heist: Hoopla.com reportedly stolen via fax to Verisign
    Date: Sat, 13 Apr 2002 00:43:11 -0400
    Message-ID: <005401c1e2a5$b76ab730$2b483244@CJ52269B>
    The attorney at VeriSign (Network Solutions) who handles these cases is
    Phil Sbarbaro at philsat_private  What the issue is that they get
    fax authorizations to update the admin contact all the time because
    people let their domain records become outdated.  Then there is the
    question of how much work does NSI do in order to verify the
    authenticity of the fax and/or use due dilligence to correct the matter.
    As for getting the domain back via legal means there are generally 2
    ways to do that.  One is the Dispute Policy (UDRP) where the owner would
    claim trademark rights or a court order. johnat_private is
    Many registrars are now allow users to use "registry locking" which is
    essentially the same as locking in your long distance carrier with your
    local phone company.
    Russ Smith
    From: "Raymond Hines III" <rayat_private>
    Organization: DreamStates Technologies, Inc.
    To: declanat_private
    Date: Fri, 12 Apr 2002 18:25:38 +0005
    Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to Verisign
    This also happened to me - I used to own the domain name "dream.org"
    back in 1994 when I ran an online BBS called DreamStates BBS. The
    techies at the University of Florida graciously allowed me to pull email and
    newsgroups via the UUCP protocol under my own domain name (dream.org).
    It was very cool and DreamStates BBS was one of the first "internet" enabled
    BBSes in all of Florida.
    Years later I moved and no longer used the domain name but had it parked
    under my personal webmaster account with a hosting company to save for
    future use.  When it came time for renewal, I found out that I no longer owned
    the domain name -- it was swiped right out under from me with nary a word
    from anyone.  Apparently someone in Hong Kong stole it and to this day it is
    still registered to someone there.
    After many frantic calls and faxes with Network Solutions, the conclusion
    was "You're screwed." in so many words. I just gave up fighting for it long
    ago since I was a still a struggling student at the University and didn't have
    the time nor the resources to fight it legally.
    However, after that nasty experience, I transferred all my domains from
    Network Solutions to OpenSRS which now has the ability to "lock" your
    domain in from being transferred unless you explicitly approve it. I feel much
    safer now and I would recommend folks transfer their domains away from
    control of Network Solutions for that reason alone (not to mention the
    cheaper fees as well).
    Date: Fri, 12 Apr 2002 15:33:33 -0700
    From: Troy Davis <troyat_private>
    To: Declan McCullagh <declanat_private>
    Cc: politechat_private
    Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to Verisign
    That happened to one of our domains in late 1998 -- twice.  The hijacker
    faxed a forged change request, it was approved despite our email rejection,
    and we spent many hours on the phone to get it back.  NetSol switched it
    back and said it was locked from future changes.  Two days later, same thing
    happened and we did it all over again.  This time they apparantly locked it,
    or the guy gave up.
    After it happened, we started a thread on a mailing list that NSI used to
    host for discussing the domain registration process.  8-10 people replied
    to the thread, so they knew about the problem then.  Unfortunately the list
    has been closed and the archives seem to be gone.  Worse, it sounds like the
    process is still broken.
    Date: Sat, 13 Apr 2002 14:42:09 +0200
    To: Dean Allen <twinsetat_private>
    From: Alexander Svensson <alexanderat_private>
    Subject: Re: FC: Domain heist: Hoopla.com reportedly stolen via fax to
    Cc: declanat_private
    At 12.04.2002 13:48, Declan McCullagh wrote:
     >From: Dean Allen <twinsetat_private>
     >A friend of mine, Leslie Harpold, published a well-respected blog/site 
    called at hoopla.com. A few days ago her domain was illegally transferred 
    to someone named Hubert Sarah in Berlin, seemingly on the basis of one fax 
    to NetSol.
    unfortunately, the new whois entry is complete
    garbage -- there is no "kreshenc 8402 street beunce"
    in Berlin, and 41645 is not the correct ZIP code
    for Berlin either. Hardly an accident.
     >sarah  hubert
     > kreshenc 8402 street beunce
     > berlin
     > de  DE  41645
     > hubertaxerat_private
     >Phone: 46456154
    Best regards,
    /// Alexander
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    Sign this pro-therapeutic cloning petition: http://www.franklinsociety.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 03:49:59 PDT