NIC.cm
Type: | Government |
Industry: | Registry |
Email: | dotcm [at] antic.cm |
Website: | NIC.cm |
The Network Information Center Cameroon is operated by Cameroon's National Agency for Information and Communication Technologies (ANTIC). Since 2010, ANTIC has been in charge of registry operations for the .cm ccTLD.
History[edit | edit source]
Transition from CAMTEL[edit | edit source]
The .cm domain has been a source of trouble throughout its history. In 2006, CAMTEL, the former registry operator, set up a wild card DNS entry covering all unregistered .cm domains. This "typosquatting" maneuver redirected traffic to a site with pay-per-click advertisements.[1] In 2009, McAfee's "Mal Web" Report identified .cm as the most dangerous space on the internet, with nearly 40% of its active URLs containing some sort of threat to PCs.[2]
It seems likely that the proliferation of typosquatting sites, and the associated bad press,[3] was partially responsible for the introduction of new regulations. In December 2010, the government of Cameroon passed Law No. 2010/13, which among other things placed management of the .cm ccTLD in the hands of the National Agency for Information and Communication Technologies (ANTIC).[4][5] While many saw the move as a crackdown on malicious uses of the TLD,[6], others asserted that the law was largely intended to chill online voices critical of the Cameroonian government.[7] For its part, ANTIC emphasized cybersecurity and reducing criminality through responsible internet governance, and launched an awareness campaign around those issues.[8]
While it appears that ANTIC intended to initiate a redelegation request with IANA,[4] IANA has no record of such a request.[9]
Post-Transition[edit | edit source]
The .cm TLD remains a persistent source of typosquatting schemes. In 2018 Krebs on Security discussed the findings of security consultant Matthew Chambers regarding a slew of brand name typosquatting .cm domains.[10] Chambers subsequently provided an update to his research in the spring of 2018:
Sites are still redirecting to scareware publishers, locking up machines, and creating audio alerts. See screenshots and video below. Sites will serve up innocuous ads at times, and others messages will be fake alerts or Flash upgrades. Take note that the results will vary, and there’s a good chance that these sites are looking for “unique visitors.” It’s possible that you will have a different outcome based on your browser, location, or other factors, like language.[11]
Chambers listed many misspellings of popular sites that were still active at the time.
References[edit | edit source]
- ↑ CAMTEL
- ↑ CNET.com - McAfee Uncovers the Riskiest Domains
- ↑ Forbes.com: Cameroon's Cybercrime Boom (covering the release of the McAfee report), December 2009
- ↑ 4.0 4.1 Nic.cm - Support for .cm redelegation
- ↑ English version of Law No. 2010/013 (PDF)
- ↑ AfrICT.com - Cameroon Passes Law on Cybersecurity
- ↑ Rhodes Journalism Review: Cracking Down on the Diaspora and Dissent No. 31, p. 68 (PDF)
- ↑ ANTIC.cm - Press Release
- ↑ IANA.org - Reports
- ↑ Krebs on Security: Omitting the "o" in com could be costly
- ↑ Infostruction Blog - Wrong-spelling Brand Name Hijack