40

Let's take lulzsec as an example; they registered lulzsecurity.com. There are two problems that I don't understand how they solved:

  • They had to pay for it. Tracking down money is generally much easier than tracking down IP addresses. I assume they didn't use stolen credit cards (with all the attention they received, people would have quickly found out and taken away their domain). And even with prepaid credit cards it's relatively easy to find out who bought it, with security cameras/etc.
  • They had to have played by ICANN's rules - again, because of the attention they received, if they hadn't, people would have found out and they would have lost the domain. This means giving valid contact information.
Adi
Andreas Bonini
  • 4
    Somebody had to spell it out for me, because I wouldn't have guessed on my own: criminals purchase domain names using stolen credit card information. –  Mar 12 '13 at 15:45
  • 3
    These guys view themselves as black hat activists, not thieves. Using a stolen credit card would be stealing from a random innocent individual, which is not their thing. Bitcoins or prepaid cards are far more likely. – mgjk Mar 12 '13 at 18:41
  • 1
    @mgjk if only you knew then what you know now re: Sabu's cc theft :) – DKNUCKLES Jul 31 '14 at 16:34
  • 3
    I'm not sure what he did to earn the fraud charges. It would be profoundly dumb to pay for a highly trafficked domain with a stolen card. OTOH, I always told conspiracy theorists that the NSA would certainly never engage in mass Orwellian espionage of the public because the damage to the reputation of the government would be so severe that they would be stupid to even consider it. Any level of dumb is possible... this decade has been generally insane. – mgjk Jul 31 '14 at 17:21

3 Answers

36

Here is one method of purchasing a domain name pretty close to anonymously.

  1. Use Tor. Understand its weaknesses.
  2. Buy a prepaid credit card in cash, specifically one not requiring activation or signature.
  3. Randomly generate a full alias to use during online registration.
  4. Register an account at a domain registrar.
  5. Use the prepaid credit card to buy a domain.
  6. Repeat for other needed services.

Note that 2. requires non-anonymous interaction and is therefore the riskiest. Let's try another path.

  1. Use Tor. Understand its weaknesses.
  2. Randomly generate a full alias to use during online registration.
  3. Earn some Bitcoins anonymously online, thus seeding without human contact.
  4. Choose a domain registrar and DNS host that support Bitcoins.
  5. Repeat for other needed services.
user10008
chao-mu
  • 3
    Step 3. in your second variant isn't trivial either. – CodesInChaos Mar 12 '13 at 16:48
  • Step 1. in either. Understand that a large amount of the exit nodes can be compromised at any one time (Jul 2014) and that Russia is looking for several different ways of cracking the system besides providing exit nodes. NSA is only one of many who are honeypotting for your paranoia. – Fiasco Labs Jul 31 '14 at 18:26
  • @FiascoLabs any decent registrar uses https. Also note that if a potential interceptor wanted to correlate their connections, they would need to control their local network/entrypoint **and** log its traffic continuously, as they wouldn't know in advance when lulzsec was going to buy their domain. – Ángel Nov 08 '14 at 01:39
  • 1
    What about using hacked/public one time AP and Tor in step 1? This would sure provide very good anonymity as the potential interceptor would trace back to the hacked/public AP. – Jernej Jerin Mar 09 '15 at 14:25
  • 1
    Honestly, method 2 is more "sketchy", isn't it? If you're really paranoid, you could pay some kid a few bucks to buy a prepaid card (with cash, at Walmart = ya good, anyway); whereas "domain registered via bitcoin over Tor" is going to practically scream "PLS INVESTIGATE THIS FAKE NAME" – JamesTheAwesomeDude Dec 02 '17 at 03:06
  • 1
    I feel like the worst thing to do for anonymity in this situation is pay some kid a few bucks to assist in any way. – scorgn Dec 25 '17 at 07:40
8

I don't know for certain how Lulzsec bought their domain but some domain suppliers will accept bitcoins as payment. Bitcoins are an anonymous payment method used by many websites.

I know it is also possible to purchase domains anonymously even through well known hosting providers such as Go-Daddy. The way it works is that the registrar will put their contact details as the registered contact information for a fee.

SomethingSmithe
  • 3
    In the latter case, I'm sure the registrars would have by now received some sort of subpoena for the information - and I doubt that would have escaped media attention, whether it went answered or not. – Iszi Jun 25 '12 at 15:56
  • 4
    The latter case is called [domain privacy](http://en.wikipedia.org/wiki/Domain_privacy) and there are a number of inexpensive options for this now. For example, namecheap is currently offering it for free with new registrations under the moniker "WhoisGuard Protection". – dodgy_coder Jun 29 '12 at 00:47
  • 2
    @Iszi - While the service GoDaddy uses for private domain registrations will share your information with a subpoena they will also register you. As other people pointed out, you can give fake information, good luck with that :$ – Ramhound Jun 29 '12 at 12:20
5

Domain registration requires payment, and for this by far the most common payment method used is credit card, which will pass through the name and address of the owner of the card. But there are a number of other payment options available which enable an anonymous payment, including the humble money order. There are registrars which specialise in taking money orders like Western Union, MoneyGram etc. One such registrar is here: Money order domains.

dodgy_coder