On Monday Microsoft got a federal court in Alexandria, Va. to grant an order to deactivate hundreds of domain names that the company said were linked to botnet named Waledac.
The court order was issued under seal, that means not made public and without any notice to the domain holders before the order was granted or the shut down occurred.
Microsoft says the defendants were linked to more than 270 Internet domain names involved with hacker network.
The company said it is now seeking to contact the defendants through whois info.
The restraining order compelled VeriSign Inc., to temporarily turn off the suspect Internet addresses.
Marc Rotenberg, executive director of the Electronic Privacy Information Center is quoted as saying this type of action by Microsoft “might become a form of vigilantism that entangles innocent victims.”
At least one domain owner Stephen Paluck of Beaverton, Ore., said he was doing nothing wrong from his Internet address, Debtbgonesite.com. which was seized “I want it back,” Mr. Paluck said. “I’m not doing anything illegal.”
While I hate the spammers, hackers and fraudsters as much as the next guy, I’m still concerned that Microsoft could go to federal court on its own, and without notice to get hundreds of domain names shut down.
“This is a big step for us in our ongoing effort to thwart criminals using the Internet for financial gain,” said Andre’ M. Dimino, co-founder and director of the non-profit Shawdowserver Foundation.
Of course CADNA has used the same language in describing domainers and domain parking which and is part of the Utah bill looking like its heading for a quick passage.
Scary stuff
Here we go again says
All of the domains appear to be registered in China.
Or, are the bad guys using those addresses to throw off (delay) the legal attack by Microsoft?
I wonder if China is the internet wild west?
Or, could it be people in Iran, Russia, India or some other country just using fictitious chinese addresses and registrars?
This is a major a major security threat for internet users.
And, one of the topics being discussed at Icann next month.
Where is Bourne when you need him?
owen frager says
Why don’t we just close the Internet and go back to using two tin cans and carrier pigeons to communicate?
Then MS would have never been born to harass anyone
MHB says
Here we go
The “bad” guys are mostly located in China except for the “Good guy” who is located in the US who had his domain shut down.
Remember that the definition of the bad guys is constantly moving and you may find yourself on the list of bad guys one day depending on who is making up the list
BullS says
I am the BAD guy!!
So can I shutdown microsoft.com because they are the one installing upgrades on my pc w/o any notice?
I hope the EU shutdown Microsoft!!!
D says
The biggest spammers were and still are to date americans. Hiding behind chinese and other identities
Here we go again says
Forbes wrote an article about cyberspies (many in China) using this technique to enter U.S. government contractors computers and database.
http://www.forbes.com/2010/02/17/pentagon-northrop-raytheon-technology-security-cyberspying_print.html
Danny Pryor says
Wow. This is a beautifully composed complaint, and I’ve read a few complaints in my time. But the trend established here is frightening. Shutting down the domains without prior notice to the defendant makes a URS system seem almost palatable, by comparison.
First, if there is an ICANN rule (and there is) that a person must maintain current and accurate data in the WhoIs record, then at the very least Stephen Paluck should have been contacted by Microsoft ahead of time, if in fact they made an effort to do so. Failing that, including him in the complaint could be construed as bad faith.
Second, Microsoft’s use of rule 26(c)(1) as the justification for sealing the filings in this case is disturbing, because it appears Microsoft is using trade secrets and / or confidential research as the impetus for their “good faith” motion for the protective order.
To the heart of the matter, which is the domainers who now must defend themselves. The court has ordered they appear in the Eastern District of Virginia to defend their domains, and they must appear by March 8, what happens if these defendants are financially unable to make the trip? The short answer is they lose the case, and they lose their investment.
However unwittingly any of these domains’ owners may have been duped into permitting any spyware, spy bots, malware or other malicious code to operate from their respective domains, I can assure you such a thing does happen. It happens to have taken place on a website owned and controlled by a very, very well known domainer in the industry. In the interests of confidentiality, I won’t say who, but suffice to say in 2009 a piece of javascript spyware was added to the end of the “body” tag on several pages of the website. European anti-virus programs caught it, but US-based anti-virus programs did not.
If some of these domain owners are participating in the underhanded and technological malfeasance Microsoft has alleged, we certainly owe it to ourselves to police these domain owners. But the legal precedent established by this “sealed filing” – typically reserved for indictments – is disturbing.
What has happened here is the presumption of innocence has been removed from the system of jurisprudence. And Microsoft’s attorneys wherever they are, appearing of counsel or pro hac vice, know the law quite well enough to manipulate it.
In the first day of filings on this case, Microsoft filed hundreds of pages of documents, affidavits, pleadings, memoranda, cries for help, ad nauseam, to confuse the court well. Judges and magistrates don’t read through all of this stuff. Law clerks do.
Mike, I sincerely hope you’re going to be following this closely. I am in the process of downloading the entire docket on this case and will forward it to you and to HN, RS and RJ for your records. This is very important to watch.
And please forgive the discombobulated flow of this response … I’ve just started reviewing all of this.
Rashid Mahmood says
One thing business owners need to understand is it will most likely be easier to start from scratch on a great domain.
But try telling them that.
On the flip side it creates opportunity to rank for almost anything you can think of.
And thats a good thing