How a tiny Pacific Island became the global capital of cybercrime (www.technologyreview.com)
from FlyingSquid@lemmy.world to technology@lemmy.world on 12 Nov 2023 13:34
https://lemmy.world/post/8154583

Tokelau, a necklace of three isolated atolls strung out across the Pacific, is so remote that it was the last place on Earth to be connected to the telephone—only in 1997.

Just three years later, the islands received a fax with an unlikely business proposal that would change everything.

It was from an early internet entrepreneur from Amsterdam, named Joost Zuurbier. He wanted to manage Tokelau’s country-code top-level domain, or ccTLD—the short string of characters that is tacked onto the end of a URL.

Up until that moment, Tokelau, formally a territory of New Zealand, didn’t even know it had been assigned a ccTLD. “We discovered the .tk,” remembered Aukusitino Vitale, who at the time was general manager of Teletok, Tokelau’s sole telecom operator.

Zuurbier said “that he would pay Tokelau a certain amount of money and that Tokelau would allow the domain for his use,” remembers Vitale. It was all a bit of a surprise—but striking a deal with Zuurbier felt like a win-win for Tokelau, which lacked the resources to run its own domain. In the model pioneered by Zuurbier and his company, now named Freenom, users could register a free domain name for a year, in exchange for having advertisements hosted on their websites. If they wanted to get rid of ads, or to keep their website active in the long term, they could pay a fee.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country’s: a staggering 25 million. But there has been and still is only one website actually from Tokelau that is registered with the domain: the page for Teletok. Nearly all the others that have used .tk have been spammers, phishers, and cybercriminals.

#technology

threaded - newest

autotldr@lemmings.world on 12 Nov 2023 13:35 next collapse

This is the best summary I could come up with:


Because .tk addresses were offered for free, unlike most others, Tokelau quickly became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users.

But Tokelau, with just 1,400 inhabitants, had a problem: it simply didn’t have the money or know-how to run its own domain, explains Tealofi Enosa, who was the head of Teletok for a decade before stepping down in July 2023.

After problems first arose, Zuurbier invited ministers and advisors from Tokelau to the Netherlands, paid for their flights, and explained the business’s nuts and bolts in an effort to reassure them.

What started as techies complaining to Vitale about spamming, malware, and phishing on .tk domains soon turned into more worrisome complaints from the New Zealand administrator tasked with overseeing Tokelau, asking him whether he was aware of who .tk’s users were.

In December 2022, courts in the Netherlands found in favor of an investor suing Freenom, the company that managed .tk and four other domains—those of Gabon, Equatorial Guinea, the Central African Republic, and Mali—that were subsequently added to the model it pioneered.

And in March of this year, Meta, which owns Facebook, Instagram, and WhatsApp, also sued Freenom for damages, claiming that sites hosted on .tk and the four African domains were engaging in cybersquatting, phishing, and trademark infringement.


The original article contains 3,711 words, the summary contains 226 words. Saved 94%. I’m a bot and I’m open source!

scytale@lemm.ee on 12 Nov 2023 15:06 next collapse

I remember I was in a band in college back in the early 2000s and a friend of ours made a simple website for the band and they used a .tk domain. Never knew it was assigned to a specific place.

Kusimulkku@lemm.ee on 12 Nov 2023 16:39 collapse

Another interesting one is that there exists a .su domain for Soviet Union

HarkMahlberg@kbin.social on 12 Nov 2023 19:34 next collapse

.yu for Yugoslavia. Yeah.

AnUnusualRelic@lemmy.world on 12 Nov 2023 23:50 collapse

That’s where kremvax.su was hosted.

It is was known.

CosmicTurtle@lemmy.world on 12 Nov 2023 16:52 next collapse

I use a .tk domain for my home DNS. And for my “dev” domain.

Though I’m rethinking the latter as cloudflare doesn’t allow .tk domains to be updated via the API.

Probably for the same reason that the article states.

jjagaimo@lemmy.ca on 13 Nov 2023 11:06 collapse

I heard 10 number addresses can be fairly cheap but I’d check renewal fees

Guajojo@lemmy.world on 12 Nov 2023 17:41 collapse

Warning: the site will try to rape your mobile phone