Thursday, March 26, 2009

RBN Registers Racist Domains Using Go Daddy

Russian Business Network malware distributors have registered numerous racist domain names using domain registrar Go Daddy. The domains, and subsequently created subdomain names, provide insight into the RBN's misanthropic perspective.

Over the past year, Go Daddy has been criticized by anti-fraud watchdog groups for refusing to take down web sites engaged in the sale of illegal steroids. (note:

As of March 26th, the malicious sites were hosted at XS4ALL Networking (cistron) in Amsterdam at IP address (which XS4ALL classifies as "ADSL IP numbers"). One of the domains present on the IP address (and registered through Go Daddy),, has been involved in several RBN criminal campaigns. Note Dancho Danchev's excellent blog post of March 25th, "Embassy of Portugal in India Serving Malware", at

Go Daddy should act in a socially responsible manner and reveal information regarding the registrant(s), take down the domains, and apologize for taking profits from providing registration services for racists and criminals.