Thieves steal company’s Web domain name

Internet » Costly hijacking reveals common patterns in global domain thefts, weak laws.

By Tom Harvey

| The Salt Lake Tribune reports:

First Published 6 hours ago • Updated 6 hours ago

Ebrahim Zmehrir woke one recent morning and, as he always does, checked his email.

One from Go Daddy, the Internet domain registrar and website host, caught his immediate attention: ownership of, which Zmehrir has owned since 1996, was about to be transferred. A second message, six minutes after the first, said the transfer was complete.

Someone from China using the name Baorui, it turns out, had gotten into Zmehrir’s Go Daddy account and taken over ownership of, the domain name for Zmehrir’s EZQuest Inc., a retailer of computer parts and storage devices. The thieves swiftly put the name up for sale.

The ensuing three months have plunged Zmehrir into a legal battle and cost his small company an estimated $500,000 in lost sales.

“My heart starts pounding remembering those minutes and hours that I was facing; that was devastating,” the California businessman said last week, after his case was heard in federal court in Utah as part of painstaking attempts to get his domain name back.

“People keep calling and asking, ‘Are you in business? Your domain name is down,’” Zmehrir said. “I’m sure others didn’t even call and I lost a lot of business because of that.”

His attorney said Zmehrir was likely the victim of one of several criminal networks operating globally to steal valuable domain names and resell them.

Three letter domain names that end in .com have all been commercially registered, said attorney Steven Rinehart of Salt Lake City, making them especially valuable, sometimes fetching prices from $100,000 to more than $1 millon.

“Hackers, oftentimes in Russia, China, Korea, log into domain name hosting accounts with a registrar like Go Daddy and they manage to get access to these accounts,” said Rinehart. “It’s never entirely clear how they are doing it.”

Thieves often exploit weak email passwords or responses to so-called phishing emails to hack into domain registration records and gain control, according to Laurie Anderson, disputes manager for Go Daddy of Scottsdale, Ariz.

“If their email account is compromised by the hijacker it can look very much like an authorized transfer,” Anderson said. And once a domain is stolen, she said, there is often little an owner can do to recover it, especially if the domain registration is transferred and the new registrar does not cooperate.

Zmehrir said his domain name was immediately transferred to a domain registrar in China and Go Daddy couldn’t retrieve it. With online sales and his company’s image on the line, he hired Rinehart, who has built expertise in dealing with domain ownership problems.

Zmehrir and Rinehart went to the National Arbitration Forum, a part of ICANN, the Internet Corporation for Assigned Names and Numbers, that oversees Internet-related matters, including domain name dispute arbitrations.

Zmehrir submitted a complaint at the end of May and obtained a favorable decision in early July. But the hackers filed what turned out to be a bogus appeal and the Chinese registrar did not transfer the title back to Zmehrir, he said.

ICANN’s enforcement powers may be weak, but so are U.S. laws on domain ownership, said Jeremy Johnston, president of the Washington, D.C.-based Internet Commerce Association. That makes law enforcement authorities reluctant to intervene, a problem made more complex when theft rings are international and jurisdictional issues are complex.

“A lot of time the groups we find tend to be associated with larger forms of online fraud,” said Johnston, a Utah native who is also chief operating officer for Sedo, an online marketplace for domain names.

In Zmehrir’s case, because the National Arbitration Forum decision was not being enforced in China and thieves put up for sale, Zmehrir turned to federal court in Utah.


By Lawyer Directory

Find a Lawyer Near Me

One response to “Thieves steal company’s Web domain name”

Leave a Reply