DomainGang outlines the pattern that appears to be repeating itself too frequently:
(1) Domains are stolen at GoDaddy using an email portal phishing scheme, then moved to the Chinese domain registrar, Ename; and
(2) the latter, does not comply with legitimate requests to transfer the domains back to GoDaddy,
DomainGang has gone so far as to run a feature entitled “What the hell is going on at Ename, which it contends is quickly becoming “the domain venue of choice for laundering stolen domain names.”
DomainGang notes that Domain theft is becoming a major issue in China, and it will continue to expand.
The thefts target small three and four letter domains.
Below is an overview of what is being done in response:
(1) UDRP Proceedings
Some theft victims are reclaiming the domains through UDRP or Registrar DRP proceedings. For example, in Global Village Publishing, Inc. v. chenwen (Claim Number: FA1303001489761), the panel found
Complainant claims that Respondent hacked Complainant’s account with GoDaddy.com, the previous domain name registrar, and transferred the <gvp.com> domain name to Respondent without Complainant’s consent. Because the domain name is now hosted by a different registrar, GoDaddy.com was unable to assist Complainant in retrieving its stolen domain name. The Panel notes that past panels have found that hacking into a complainant’s account is evidence that a respondent is not making a bona fide offering of goods or services or a legitimate noncommercial or fair use under Policy ¶¶ 4(c)(i) and 4(c)(iii). See Ric Jo Swaningson v. thu lins, FA 1234365 (Nat. Arb. Forum July 1, 2009) (finding that the respondent’s fraudulent action of hacking into the complainant’s account was evidence that the respondent did not use the disputed domain name for a bona fide or legitimate use). The Panel finds that Respondent has not established rights or legitimate interests under Policy ¶¶ 4(c)(i) and 4(c)(iii).
(2) Lawsuit By Acme Billing
Acme Billing has filed a complaint in the famous “rocket docket” alleging that 14 of its domains (incluidng many 3 letter domains) were transferred from GoDaddy ultimately to a Chinese registrar in violation of the Anti-Cybersquatting Protection Act and the Computer Fraud and Abuse Act.
Greg Stranahan, director of Acme Billing, said: ““Domain theft is a serious and growing form of IP theft with potentially devastating consequences for American businesses”.
(3) Urging Owners Not to Be Quiet
DomainGang applauded the owners of Lightly.com who went public on the unauthorized transfer of their domain and were able to retrieve it with help from GoDaddy who exerted pressure on Chinese Ename. They even have spelled out guidelines for how to report it to them to maximize its impact.
(4) Internet Commerce Association Launches Domain Theft Project
The domain name association is looking into possible changes to ICANN procedures and US law to better protect domain holders.
(5) Call for ICANN Changes
From Domain GANG
ICANN’s antiquated domain ownership system, however, leads to dozens of domain thefts, most of which go unreported by their owners. The current system, allows for the transfer – internal, or to another registrar – of domain names, without a verification of legitimacy, other than having access to the account’s credentials.
Cyber Report 
Pingback: Happy New Year! It’s Time for Your Business Checkup. | Cyber Report
Pingback: CLBR Seg 2: Seven Things You Need to Know | Cyber Law & Business Report
Pingback: ILC Insights Into DC Delegation Trip | Cyber Report