EstDomains: A Superlative Scam and Spam Site Registrar

EstDomains logoEstDomains, the 49th largest domain name registrar, with more than 270,000 domain names, is accused of being one of the largest sources of spam with 10,000 of their domain names currently blacklisted by SURBL.org, which tracks Web site names that are advertised in junk email reports The Washington Post.

The Washington Post has made a list of those domain names to show my this list of 10,000 names are blacklisted. They contain almost any term used in spam that one can think of “with those terms currently registered at EstDomains and using their name servers.”

The report in The Washington Post follows a number of the Internet’s largest data carriers ceasing to provide “online connectivity to Atrivo (a.k.a. “Intercage”), an ISP that security experts say is home to a huge number of scammers and spammers.” EstDomains Inc. is “Atrivo’s most important customer and the single biggest reason so many experts have condemned Atrivo.”

The article digs deep into the connections between EXTendedhost, EstDomains, Bakler Rove Digital and Directi, the latter denying any participation in the scams. It notes Spamhaus.org who say “EstDomains is a pioneer in setting up domains and domain name servers to accommodate a practice known as ‘snowshoe spamming’.”

The second article in The Washington Post looks again at EstDomains Inc., the company’s history, the legacy of its current chief executive, and its future prospects. The article notes EstDomains chief executive is 27-year-old Vladimir Tsastsin, who is also the head of Rove Digital, a company that appears to encompass a domain auction service named Bakler.com, and a recently launched Web traffic-shaping service called Zmot. “Tsastsin has a rather colorful past, and is no stranger to organized crime. According to the local court and news media, he was recently sentenced to three years in an Estonian prison after being found guilty of credit card fraud, document forgery, and money laundering.”

On Tsastsin’s past, the Washington Post spoke to “Hillar Aarelaid, team director of the Estonian Computer Emergency Response Team (CERT Estonia). Aarelaid maintains that Tsastsin long ago ceded control of EstDomains to organized cyber criminals in Russia.”

These two detailed investigations in the Washington Post are available from: