[[-- Translated text (es -> en) --]] Albert, the issue you mention in this message, DNS abuse in the specific case of dot-zip, has a very important angle for Internet users "At Large" in our region. As described in https://www.ict-pulse.com/2023/11/ictp-277-capitalising-on-caribbean-country... and it has already been mentioned before in this discussion list, some countries and the administrators of their ccTLDs are using domain names from first level of geographic nature (ccTLDs) as dot-ai to attract new records. In the case of dot-ai, these records relate to the acronym "AI" for "Artificial Intelligence" and have very high prices, of the order of 900 dollars annually, completely misaligned with what the users have demanded from generics like dot-com, low prices and uniforms. An additional problem for users is that these records, since they are not generic, are not required to sign and enforce the contractual apparatus of ICANN with consensual instruments such as registry assignment, accreditation of "registrars" and the "Registry-Registrar Agreement". That allows predatory practices, unfair competition practices, policies abusive prices, arbitrariness in records, exceptions not transparent to the principle of "first in time, first in right" or "First in - first served", abuse of information such as "self-serving deals", absence of the protections provided by the UDRP for holders of recognized brands and names, and no consumer protection. The situation in these cases is worse than with "dot-zip" since in the case of "dot-zip" the contractual apparatus allows ICANN to act in defense of the users, even to the point of withdrawing the right to operate the registry at company that currently owns, protection of names in a "escrow", and competition for a new owner who adheres to the rules established. Meanwhile, users are left with the options of blocking names dot-zip, as many ISPs and other actors already do, and the same fate they could suffer from dot-ai names. It is not an unprecedented situation; for a time the administration of dot-hk was poor and with the same reaction until they began to straighten out the administration. Let's make the business model of speculation and extortion that is one of domain name business engines do not seize a registration of the region in which some speculators take advantage of the weakness institutional and in the end the country that for a brief time finds itself in a situation advantageous ends up marginalized again. These "windfalls", like the oil tankers that countries like Guyana currently live in, are not a base for lasting development. It is a form of extractivism, more abstract than that of raw materials but no less harmful. Alejandro Pisanty On Thu, Nov 30, 2023 at 7:11 AM<alberto@soto.net.ar> wrote:

Estimados, les copio (traducción via Google) un ejemplo de abuso de DNS.Un tema a debatir, dado que esta perjudicando a muchos usuarios fnales.

Saludos cordiales

Alberto Soto

“Han pasado seis meses desde que Netcraft informó por primera vez sobre el abuso del nuevo TLD .zip , describiendo la actividad fraudulenta que detectamos y bloqueamos. A las pocas semanas de su lanzamiento, Netcraft había detectado muchos registros de dominios .zip nuevos diseñados para explotar la confusión entre el nuevo TLD y la extensión de archivo .zip para archivos ZIP .

Entonces, ¿qué ha cambiado en los últimos 6 meses? No mucho, parece.

registros .zip

La tasa de registros de nuevos dominios .zip ha disminuido desde nuestra publicación de blog anterior. A pesar de esto, ahora existen:

16,705 dominios .zip registrados (un aumento triple desde nuestra publicación anterior)

8.432 dominios .zip con registros A en total (un aumento de cuatro veces)

4,421 dominios .zip con registros MX en total, de los cuales solo 619 no tienen registros A

4.196 direcciones IP distintas para dominios .zip en total (un aumento de cinco veces)

417 nombres de dominio .zip que mencionan 'instalador' o 'actualización' (un aumento del doble)

Fuera de estos dominios, descubrimos cinco bombas zip en servicio . Además, el mayor número de direcciones IP distintas (1 por cada 4 dominios ahora, en comparación con 1 por cada 6 dominios hace seis meses) sugiere que los dominios .zip se están volviendo más diversos.

Páginas web maliciosas

Netcraft ha bloqueado 50 dominios .zip maliciosos desde la publicación anterior el 17 de mayo de 2023, lo que eleva el total a 56. Estos dominios en su mayoría se hacen pasar por Microsoft, Google y Steam, como lo ilustra la siguiente figura:

Otros ataques notables incluyen:

Apecoin[.]zip , visto por primera vez el 9 de agosto de 2023, es una estafa de drenaje de criptomonedas que se hace pasar por una plataforma de criptomonedas. Pretende agregar criptomonedas a la billetera de un usuario, pero cuando se otorga la autorización, transfiere todos sus activos (criptomonedas, NFT, etc.) a los delincuentes que operan el sitio. Esta misma técnica está siendo utilizada por criminales que explotan la generosidad de la gente en torno al conflicto de Gaza .” _______________________________________________ lac-discuss-es mailing list lac-discuss-es@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/lac-discuss-es

http://www.lacralo.org _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

-- - - - - - - - - - - - - - - - - - - - - - - - - - - - Dr. Alejandro Pisanty Faculty of Chemistry UNAM Av. Universidad 3000, 04510 Mexico City Mexico +525541444475 Blog: http://pisanty.blogspot.com LinkedIn: http://www.linkedin.com/in/pisanty Join the UNAM group on LinkedIn, http://www.linkedin.com/e/gis/22285/4A106C0C8614 Twitter: http://twitter.com/apisanty ---->> Join ISOC Mexico, http://www.isoc.org . . . . . . . . . . . . . . . .