Facebook sues Namecheap to unmask hackers who registered malicious domains

Facebook says Namecheap did not cooperate and share details about the owners of the suspicious domains.

facebook

Image via Alex Haney

Facebook filed a lawsuit this week against Namecheap, one of the biggest domain name registrars on the internet.

The social networking giant claims that Namecheap has refused to cooperate in an investigation into a series of malicious domains that have been registered through its service and which impersonated the Facebook brand.

Christen Dubois, Director and Associate General Counsel at Facebook, said today that Facebook engineers tracked down 45 suspicious Facebook lookalike domains registered through Namecheap, which had the owners' details hidden through the company's WhoisGuard side-service.

Some of the sample domains included the likes of instagrambusinesshelp.com, facebo0k-login.com, and whatsappdownload.site.

Dubois said lookalike domains like these -- which abuse the Facebook brand -- are often used for phishing, fraud, and scams.

"We sent notices to Whoisguard between October 2018 and February 2020, and despite their obligation to provide information about these infringing domain names, they declined to cooperate," Dubois said.

"We don't want people to be deceived by these web addresses, so we've taken legal action," the Facebook exec said.

Namecheap provided the following statement when ZDNet reached out for comment earlier today.

"Namecheap takes every fraud and abuse allegation extremely seriously, and diligently investigates each reported case of abuse. We want to be clear, we actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry standard protocol. Outside of said protocol, a legal court order is always required to provide private user information. Facebook may be willing to tread all over their customers' privacy on their own platform, and in this case it appears they want other companies to do it for them, with their own customers. This is just another attack on privacy and due process in order to strong arm companies that have services like WhoisGuard, intended to protect millions of Internet users' privacy."

Facebook sued another registrar last year

This is the second time that Facebook files a legal action against a domain name registrar. It filed the first in October 2019, when it sued OnlineNIC along with its domain proxy service, ID Shield.

Since early 2019, Facebook's legal department has been filing lawsuits left and right against various third-parties abusing its platform. Previous lawsuits include:

March 2019 - Facebook sues two Ukrainian browser extension makers (Gleb Sluchevsky and Andrey Gorbachov) for allegedly scraping user data.
August 2019 - Facebook sues LionMobi and JediMobi, two Android app developers on allegations of advertising click fraud.
October 2019 - Facebook sues Israeli surveillance vendor NSO Group for developing and selling a WhatsApp zero-day that was used in May 2019 to attack attorneys, journalists, human rights activists, political dissidents, diplomats, and government officials.
December 2019 - Facebook sued ILikeAd and two Chinese nationals for using Facebook ads to trick users into downloading malware.
February 2019 - Facebook sued OneAudience, an SDK maker that secretly collected data on Facebook users.

Updated at 6:20pm ET with Namecheap statement.