By Sean Wolfe
December 29, 2006
Blueprint Ventures is back online. A week after their site was seized by
a porn-spammer, the VC concluded it was easier to pay up rather than
take the issue to court. The case is instructive for two reasonsfirst,
getting one's domain back after hackers seize it is more difficult, and
takes longer than one might think. Second, that keeping ones domain
registered, and staying on top of when that registration comes due, is a
vital component of any Internet-era brand defense.
In mid-December, the South San Francisco-based venture capital group got
a rude awakening. According to managing director Bart Schachter, a
UK-based hacker found that Blueprints hosting company had been asleep at
the switch, and had not re-upped the firms domain registration in a
timely fashion. Evidently, he said, there are now software programs that
spider the Web for domains that are about to come up for grabs, and
pounce on their unwary prey.
So, on Friday, December 8, everyone at Blueprint went home for the
weekend (See our prior story Blueprint Ventures Hacked ), and by the
following morning, the Blueprint Ventures site had been changed, email
had been cut, and visitors to the firms homepage were being redirected
to a number of pornography sites.
For the next two weeks, Mr. Schachter and others at the firm were
embarked on a series of negotiations, one with lawyers, and another,
with the culprit.
What we found was there are a bunch of legal means by which we can get
the domain back. But they cost money. So relative to paying a lawyer,
paying a squatter is cheaper. We had someone who is a mutual friend who
knows the person who helped us settle the issue, he said.
The identity of the culprit, who goes by the name Andy Placid, as well
as other aliases remains unknown. And the crime, if there was one, is
nebulous. Arguably, all he did was snap up an unregistered domain.
As of a week ago, we had 30,000 Google references to our site, so theres
no doubt we had the trademark, Mr. Schachter said. Soyou could say he
got it legally through Register.com, but illegally when it comes to
But the price to defend that trademark was $2-3,000 just to file the
claim, but getting a lawyer to do it - that'd be more like $15-$20,000.
So how much did he pay the squatter? Low thousands was all he would say.
Lessons learned? A good defense is the best offense. The company has
registered its former domain for the next seven years.
What this does is suggest that any domain owner move from a reactive to
a proactive posture. When you lease comes due, you write the check.
When your insurance is due, you renew it. Same thingyou have to get
ahead of it to make sure all is well.
All in all, the firm kept an open mind, and the sense of humor the firm
is known for (an example can be found in their latest holiday card ).
For one, there are a number of interesting start-ups in the fraud
protection businessed for domain addresses - though he wouldnt mention
 http://www.redherring.com/Article.aspx?a 229
Subscribe to InfoSec News