606 domain names blocked in February

06.03.2019

This February, competent organizations sent registrars 646 requests to cancel the delegation of domain names, which is 185 fewer requests than in January. These data are available in the February report on the results of the competent organizations’ activities.

The delegation of 613 domain names in total was canceled. Twenty-six domain names avoided termination after the domain administrator swiftly rectified the cause of blocking (or the hosting provider blocked the resource) or the administrator timely confirmed its identification data. In seven cases, the registrars did not find enough grounds to cancel the delegation or launch an inspection of the administrator.

At present, 606 domain names remain blocked. In seven cases, the delegation was reinstated upon petition from the respective competent organization after the problem was resolved.

Analysis of the violating domains by type of malicious activity during this reporting period showed that most requests were related to phishing (348), followed by botnet controllers (199) and malware distribution (72). Competent organizations also received 27 requests to initiate a check of administrators’ credentials.

The Coordination Center for TLDs .RU/.РФ began working with organizations that detect violations on the internet in 2012. These companies provide the Coordination Center and accredited registrars with information on resources with illegal content, phishing cases, unauthorized access to information systems and malware distribution through the .RU and .РФ domain names. Registrars have the right to cancel the delegation of such resources.

As of today, nine competent organizations cooperate with the Coordination Center: the Safe Internet League, Group-IB, Kaspersky Lab, RU-CERT, the Regional Public Internet Technology Center, the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor), BIZon, the Bank of Russia and Doctor Web. Any user can report malicious use of a domain via their hotlines, and they will take measures immediately. More details on the response procedure can be found in the 2018 report by the competent organizations published on the Coordination Center for TLD .RU/.РФ’s website.