Blog for hpHosts, and whatever else I feel like writing about ....

Monday 6 October 2008

Enom - Another bleedin joke!

On October 1st, I sent the following abuse report to eNom concerning h4cky0u.org, one of their customers;

Ref: h4cky0u.org (IP: 216.195.56.228), Registrar: Enom, Host: APS Telecom

I am reporting this group as they are actively involved in illegal activity such as hacking MSN/ICQ/AIM/MySpace/Yahoo/Hotmail and Gmail accounts;

The Hotmail hacks thread
http://www.h4cky0u.org/viewtopic.php?f=3&t=4933

The Yahoo hacks thread
http://www.h4cky0u.org/viewtopic.php?f=3&t=5559

The Gmail hacks thread
http://www.h4cky0u.org/viewtopic.php?f=3&t=5560

MSN/ICQ/AIM/MySpace
http://www.h4cky0u.org/viewtopic.php?f=3&t=29170

Further to this, they are also heavily involved in SQL exploits and RFI (Remote File Injection) attacks;

http://www.h4cky0u.org/viewtopic.php?f=3&t=30223
http://www.h4cky0u.org/viewtopic.php?f=3&t=30222
http://www.h4cky0u.org/viewtopic.php?f=3&t=30068
http://www.h4cky0u.org/viewtopic.php?f=3&t=30207
http://www.h4cky0u.org/viewtopic.php?f=3&t=29950

Further to this, they are also involved in hacking bank accounts, such as;

http://www.h4cky0u.org/viewtopic.php?f=3&t=29883
http://www.h4cky0u.org/viewtopic.php?f=3&t=29747

Since this website is hosted in the US, this e-mail has also been CC'd to the FBI.


5 days later, they responded with an auto-reply, to tell me in no uncertain words, that the abuse e-mail address I'd sent the report to, was not monitored and that I should instead, send the abuse report via their website (in short, my sending an abuse report to their abuse e-mail address was a complete waste of time).

Please be advised this email box is not monitored, and you will not get a reply.

If you have an abuse complaint, please go the Abuse Policy page and complete the form here: www.enom.com/terms/AbusePolicy.asp

If you have an account, please log into your account and click HELP, Support Center and then click the tab to Submit a Ticket to Technical Support. Log into your account at the appropriate site: www.eNom.com, www.eNomCentral.com or www.BulkRegister.com.

If you purchased your domain through one of our resellers, please go to the About Us page on the website: www.enom.com/aboutus.asp On the far right is a box where you can enter your domain name and your reseller information will be returned to you. Please contact them directly for domain assistance.

For all other queries, or if you forgot your user name and password, please go to the About Us page on the website. On the far right side is a Contact Us box, where you can click the link under General Email to enter a form and Submit a Ticket for assistance: www.enom.com/aboutus.asp

If you prefer to call us for assistance our technical support staff can be reached at the numbers below 24 hours a day, 7 days a week.

Thank you for contacting us, we do appreciate your business and look forward to working with you.

__________________________________
eNom, Inc., a Demand Media company
U.S. Technical Support 425.274.4500 Option 3 Technical Support Fax 425.974.4791
15801 NE 24th St.
Bellevue, WA 98008


Fine, I decided to send the report via their website - and what happened? The damn report was forwarded to their abuse e-mail address! (and I know this because they sent me a CC of the report I sent, with my address in the From and CC box, and their abuse dept's e-mail address (report.abuse@enom.com) in the To box). Okay, this is just getting annoying.

More annoyingly however, is that 10 minutes after sending the report via the website, I received the following from their abuse department, which again, looks very much like a form letter auto-reply;

Hello,

Thank you very much for your notification. After researching the domain, we have found that eNom, Inc. only provides domain name registration for this customer. We are not the webhost, internet service provider, or administrator for the reported domain. Given that we are not the webhost for the reported domain, the allegedly infringing material identified in your notification does not reside on eNom's servers. Accordingly, we do not have the technical ability to remove or disable specific items of objectionable content.

Again, due to the limited technical sphere in which eNom operates, we do not believe that we are the correct party to contact regarding this matter. In this instance, we suggest that you contact the party operating the website or the party hosting the website to have this matter properly resolved. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. You may then use http://www.arin.net/whois/ or another similar tool to identify this party.

Thank you again for your report, and please do not hesitate to contact us should you have any further questions.

Regards,

eNom Inc., A Demand Media Company


eNom's taking 5 days to send an auto-reply is bad enough, and then telling me that the abuse e-mail address is not monitored is annoying - but to then tell me they cannot deal with an abuse report for one of their customers, simply because they aren't providing the hosting, is an absolute joke!.

Many other registrars WILL deal with these, and WILL shut down the domain involved - why won't eNom? Indeed, whilst certainly not a fan of Directi, they have shut down domains I've reported (okay, it's taken a bit of work, but they've done it), and other registrars that AREN'T crime friendly, have also shut down domains I've reported.

I suppose I should just consider myself lucky that they bothered responding at all. The sites hosting company (APS Telecom/3FN) haven't bothered (trying to phone either of these results in it ringing for a bit, then going straight to answer phone, and contrary to 3FN's website, their 24 hour MSN support is err, offline!), nor have whoisprivacyprotect.com, which the domain is using to hide the registrants details.

No comments: