Another Directi registered fraudware domain

It seems to me that Directi is not even close to cleaning up its act, and they certainly don't seem to be keeping away from domains that are used to facilitate the distribution of fraudware.  Just over the past few days I have encountered quicktds.com (which had been registered since 16 Sept), pcvirusbuster.com (registered 7 October), vsemutorba.com (registered on 2 April 2008), quicktds.name (registered 16 September), trap17.com (registered 9 May 2004), orderbox-dns.com (registered 2 July 2004), computinghost.com, trusted-scanner.com (registered 30 September), antivirus-fullscan.com (registered 7 October), and now royalproscan.com.

Here's the problem - this domain was created on 13 October 2008.  It is now 16 October 2008.  The bad guys have had 3 days to make good use of their latest domain.

royalproscan.com (216.240.134.211 - California - Irvine - Go2online Corp)
ICANN Registrar: Directi Internet Solutions
Created: 13 October 2008
NS: DOMISHKO.EARTH.ORDERBOX-DNS.COM (has 37,446 domains)
NS: DOMISHKO.MARS.ORDERBOX-DNS.COM
NS: DOMISHKO.MERCURY.ORDERBOX-DNS.COM
NS: DOMISHKO.VENUS.ORDERBOX-DNS.COM
WHOIS: Hidden behind privacyprotect.org

Fraudware URL:
royalproscan.com/2009/1/freescan.php?id=<<snipped>>

image

image

image

image

Published Fri, Oct 17 2008 13:50 by sandi
Filed under: ,

Comments

# re: Another Directi registered fraudware domain

Friday, October 17, 2008 8:35 AM by redwolfe_98

it looks like "royalproscan.com" is dead, now.. i suppose that "directi" shut it down, once you brought it to their attention..

# re: Another Directi registered fraudware domain

Friday, October 17, 2008 8:14 PM by redwolfe_98

in kimberly's latest posts, at bluetack, she mentioned several malicious domains that were hosted by "directi", but, when i checked, many of them, if not all of them, had been shut down.. so, it looks to me like directi is doing good in shutting down malicious domains.. however, maybe directi needs people like you and kimberly to bring the malicious domains to their attention before they do anything about them..

# re: Another Directi registered fraudware domain

Saturday, January 10, 2009 4:56 PM by Charlie Niehaus

"directi" needs to be PROactive and not REactive in this case.  Having a 'bot handle website registrations and setup may seem like it will save you money, but when you look at the time it takes to hunt down and wipe out the malware sites as they come in and the loss of revenue because you ARE hosting malware spewing sites, it might be worth the $$ to hand register the sites AND check what is being hosted there.