Internet watchdog groups expose 'roid-pushing dealer sites, urge US-based domain registrars to drop them

Several hundred Websites sponsored by U.S. Internet domain registrars, including the popular GoDaddy, are selling steroids illegally, according to two online fraud watchdog organizations.

KnujOn, which fights email abuse and online fraud, teamed up with LegitScript.com, which verifies licensed online pharmacies and exposes underground ones, to ferret out the steroid-pushing sites and domains. The Internet domains that sponsor such sites should seek to suspend them, the watchdog groups say.

The two organizations today published a report describing the steroid-selling sites and outing the registrars that had signed them up. “These are 'Schedule III' substances -- it is illegal to distribute them in the U.S. without a license, or receive them without a prescription,” says Garth Bruen, creator of KnujOn. “They are delivered via postal mail, FedEx, etc. ... and this also violates the law.”

The U.S. domain registrars cited are Abacus America Inc., DSTR Acquisition VII LLC, Dynadot.com, Everyones Internet, Ltd., dba resellone.net, eNom, Inc., EstDomains, Inc, GoDaddy/Wild West, Parava Networks, Inc., and dba 10-Domains.com, according to the report. One GoDaddy-sponsored site in the report, aarxpharmacy.com sells anabolic steroids, testosterone, and other controlled substances.

As of late last week, KnujOn said it had not gotten much of a response from the U.S. Internet registrars after alerting them of the steroid sites and asking them to suspend the sites. Only a few registrars responded -- and they refused to take action, according to KnujOn.

The report aims to shed light on the online steroid underground, as well as the role of the U.S. registrars in helping them to get Internet services. “This is about the extent of criminality on the Web, how specialized it has become, in addition to revealing questions about the quality of companies supplying Internet services in the U.S.,” says Bruen. “Do they see themselves as having a moral or ethical obligation to the public?”

The steroid-selling sites aren’t your typical phony online pharmacies. “With general RX sites, there is a lot of variety. Some are merely stealing credit card numbers, others ship knockoff or counterfeit drugs, and others sell diverted market product which is the real thing but may be expired, under dosage, or rerouted from its original destination.

“With the steroid sites, there is much more involvement in the trade. The sites are more personalized and not as cold as the fake pill sites,” Bruen says. “If you look through some of the steroid forums out there, people complain about lots of fake supplements on the Internet. The sites we're looking at claim to offer the real thing and no ‘bad’ versions.”

Meanwhile, some of the steroid sites have gone dark, and then later reappeared. “Since no one responds or confirms directly with us, it is difficult to tell if [the changes were] because of us. Some [registrars] may comply quietly, but never give us credit in fear of a flood of enforcement letters,” says Bruen. The steroid dealers themselves are likely located in the Balkans, Turkey, and possibly Thailand, he says.

But whether KnujOn and LegitScript.com can ultimately succeed in eradicating the sites is unclear. While it’s a violation of Internet policy to register a site for illegal activity, registrars don’t always enforce it. “Registrants are required to affirm they will not use their domain for illegal activity. Registrars are required to enforce the contracts with their customers. Registrars who fail to do so may lose their accreditation,” Bruen says.

Even if the domain registrar kicks them off, the sites can -- and likely will -- just move somewhere overseas and out of law enforcement jurisdiction.

“There has been considerable discussion about simply blocking traffic for certain countries and large IP ranges that fail to comply with accepted standards,” Bruen says. “The same way that some rogue countries are gradually isolated by the world community, the same may happen if certain places become havens for illicit electronic commerce.”

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights