CEO told to hand in 757,000 fraudulently obtained IP addresses

A company accused of fraudulently obtaining 757,000 IPv4 addresses has been ordered to return them after the US internet number register (ARIN) received a milestone judgment against it.

The dispute began in late 2018 when ARIN, which allocates IPv4 addresses in the US, Canada and parts of the Caribbean on a non-profit basis, discovered that a company named Micfo and its owner Amir Golestan had fraudulently misled the IP blocks.

IPv4 addresses are incredibly short (see below), which means waiting lists must be kept. Scarcity also makes them valuable in resale – between $ 13 and $ 19 each. That would make the IP addresses that Micfo obtained worth between $ 9.8 million and $ 14.3 million.

It is not surprising that cases of pocket-lining IP address fraud have increased, such as ARIN & # 39; s senior director of global register knowledge, warned in the 2016 conference presentation.

Second-hand addresses

How do fraudsters get their addresses? By using the simple technique, ARIN Micfo accused the deployment.

The key is that many IPv4 addresses have been distributed in the past, while no-one worried about shortages – a surprising part of which fell into disuse.

Criminals try to detect these sleeping areas with public data from ARIN and Whois, checking which are still being used (ie routed).

If they are not and no longer have an active manager, they try to take them over with the help of re-registration and claim rights from ARIN.

According to ARIN, Golestan and Micfo used 11 & # 39; shelf & # 39; companies in the United States from 2014 as fronts to obtain the 757,760 IP addresses and supported this with false notarial statements from staff that did not appear to exist .

Even when ARIN discovered the fraud, Micfo continued to resist and sought a restrictive court order against the organization. It has also submitted an application for arbitration, the first time this has happened in such a case.

On May 1, Micro lost this arbitration and was ordered to return the addresses and pay ARIN $ 350,000 to cover legal costs. Golestan is now faced with allegations of wire fraud with a possible 20-year sentence.

Some of the addresses are used by bona fide buyers and are unlikely to be returned. Nevertheless, the case has brought to light the growing problem of IP address fraud. Said ARIN president and CEO, John Curran:

We are making more efforts to actively investigate suspicious cases of fraud against ARIN and will withdraw funds and report illegal activities to law enforcement agencies where applicable.