UPDATE: INSTANT DOMAIN SEARCH IS NOT MOST LIKELY NOT STEALING YOUR IDEAS PERSONALLY. THE NAME RESEARCH IS BEING COMPROMISED SOMEWHERE ALONG THE WAY. THE FOLLOWING SCENARIO MAY HAPPEN THROUGH ANY DOMAIN RESEARCH TOOL. BE CAREFUL
I am working with a few associates on project for a client who is starting a new website. Part of the project is to brand the company which includes naming the company and acquiring a domain name. I have been using Instant Domain Search for while now as it is a quick and easy way to find available names. My associate has been using what looks to be a GoDaddy affiliate/clone that she calls Name Intelligence.
We came up with a list of names(that contained some keywords of course) and my associate checked quite a few on Monday to see if they were available. I checked through almost all the names and then some on Tuesday. We went back to purchase a few and found that most of the names we had searched for had been bought up by the same company on Wednesday(damn it). This was too weird to be a coincidence so I did a bit of research.
Here is the company that bought the domains:
Organization: Maltuzi LLC
Address: 800 West El Camino Real Suite 180 Mountain View, CA, 94040
According to IPWalk, Maltuzzi LLC owns 1,768,141 domains (WOW) as of Jan 21,2007.
I found a thread on Webmaster World that discusses the same thing happening to some other folks by Maltuzi.
So as you can see these Maltuzi guys are a bunch of bastards. However I must ask, why in the hell did they want these domains? I can’t tell you the names we were thinking of, but really they weren’t gonna be the next Amazon or anything.
How Did Maltuzi Hijack my domain name research?
While I am still not sure which of the above querying services contributed to my research being comprised, I did find some information in an article by Larry Seltzer in eWeek titled Who is Hijacking my Domain Name Research. Larry does a great job of explaining the possibilities of how this name research may have been compromised. In Larry’s case it was a company name Chesteron Holdings buying up the domains after they had been searched for using CNets domain research tool.
Here is what’s possible, based on what I know:
CNet, or someone at CNet, could be passing the requests on to Chesterton. I don’t believe this for a second.
- One of the hosting services that CNet is checking with (and there could be more than they indicate) could be passing data on to Chesterton. This seems unlikely to me.
- Chesterton could have compromised one of the servers involved in the process, for instance the whois server used by one of the hosting services. This seems possible to me. There are a number of other hacking techniques, DNS cache poisoning for example, that could indirectly give Chesterton access to data from these queries.
- Verisign could be passing the data on to Chesterton. I don’t believe this, either.
How can these companies afford all these domain names?
Larry has another article about Domain Tasting which explains how these companies can afford to buy all these domain names. The short explanation is there is a 5 day grace period on domain name registration so the companies buy a domain, throw up some ads, and taste to see if the site makes any money. If no ads were click during the tasting period the domains are released and a refund is given. If the domains show potential, they are kept.
So who can you trust for domain name research. I am not sure at this point. I am hoping that a command line whois query is still safe but I am really not sure. I think you just have to have a list ready to go and if a name on your list is available, make the purchase right away.
I can only hope that my names will be freed in 5 days. I’ll post back with in update. In the meantime, be careful when you are searching for an available domain to buy!
Source Mike, The Internet Guy