Garth Bruen at KnujOn wrote:
However, the core issue relates to an illicit pharmacy domain sponsored by OnlineNIC which has been found in thousands of hacked websites infected with a PHP redirection. KnujOn first found this malicious redirection in July, 2010 and discovered the target domain, SECURETABS[DOT]NET, had a false WHOIS record and we appropriately filed a complaint with ICANN on July 18, 2010.
When you say that SECURETABS.NET is "sponsored by OnlineNIC," do you mean anything more than 'OnlineNIC is the registrar of record for SECURETABS.NET?' I see the following registration data in the whois: Sergey Mironov sergeymironov@ymail.com +7.9165143272 none Zvenigorodkaya st. 26-17 Moscow Moscow AF 125482 I would be interested in hearing more about how you established that this Moscow address and the Yahoo! email address were false. -- Bret