We report malicious domains daily. Most registrars take action within hours.
NiceNIC? Complete silence.
So we did what any security researcher would do β we investigated.
π What we found
After months of research, blockchain analysis, and OSINT work:
52,847 malicious domains
$1.2B+ crypto fraud traced
0 abuse reports answered
Phishing kits. Malware droppers. Crypto drainers. Fake pharmacies. All protected by one registrar.
The corporate onion
We peeled back the layers:
- Shell companies in Hong Kong
- Directors that don't exist
- Addresses that lead nowhere
- Payment trails that vanish into crypto mixers
This isn't negligence. It's a business model.
π Why developers should care
That phishing page stealing your users' credentials? Probably hosted on a NiceNIC domain.
That malware dropper targeting your npm packages? Same story.
Bulletproof registrars are infrastructure for attacks on your users.
π’ What needs to happen
- ICANN: investigate and accredit responsibly
- Registries: stop accepting NiceNIC registrations
- Payment processors: follow the money
π Full investigation
We published everything β evidence, blockchain trails, corporate records:
If you work in security, share this. The more visibility, the harder it is to ignore.
Top comments (0)