A company accused of fraudulently obtaining 757,000 IPv4 addresses has been ordered to return them after the US internet number register (ARIN) received a milestone judgment against it.
The dispute began in late 2018 when ARIN, which allocates IPv4 addresses in the US, Canada and parts of the Caribbean on a non-profit basis, discovered that a company named Micfo and its owner Amir Golestan had fraudulently misled the IP blocks.
IPv4 addresses are incredibly short (see below), which means waiting lists must be kept. Scarcity also makes them valuable in resale – between $ 13 and $ 19 each. That would make the IP addresses that Micfo obtained worth between $ 9.8 million and $ 14.3 million.
It is not surprising that cases of pocket-lining IP address fraud have increased, such as ARIN & # 39; s senior director of global register knowledge, warned in the 2016 conference presentation.
How do fraudsters get their addresses? By using the simple technique, ARIN Micfo accused the deployment.
The key is that many IPv4 addresses have been distributed in the past, while no-one worried about shortages – a surprising part of which fell into disuse.
Criminals try to detect these sleeping areas with public data from ARIN and Whois, checking which are still being used (ie routed).
If they are not and no longer have an active manager, they try to take them over with the help of re-registration and claim rights from ARIN.
According to ARIN, Golestan and Micfo used 11 & # 39; shelf & # 39; companies in the United States from 2014 as fronts to obtain the 757,760 IP addresses and supported this with false notarial statements from staff that did not appear to exist .
Even when ARIN discovered the fraud, Micfo continued to resist and sought a restrictive court order against the organization. It has also submitted an application for arbitration, the first time this has happened in such a case.
On May 1, Micro lost this arbitration and was ordered to return the addresses and pay ARIN $ 350,000 to cover legal costs. Golestan is now faced with allegations of wire fraud with a possible 20-year sentence.
Some of the addresses are used by bona fide buyers and are unlikely to be returned. Nevertheless, the case has brought to light the growing problem of IP address fraud. Said ARIN president and CEO, John Curran:
We are making more efforts to actively investigate suspicious cases of fraud against ARIN and will withdraw funds and report illegal activities to law enforcement agencies where applicable.
Why the deficit?
As a 32-bit addressing scheme, IPv4 is limited to a maximum of 232, or 4,294,967,296, options. When it was defined decades ago, that seemed enough.
Although not every device needs one of these addresses (router / ISP Network Address Translation hides many networks and devices behind one IP), this does not work for routable servers that receive incoming traffic.
Warnings about the imminent depletion of these IPv4 addresses date back years with the announcement by IANA that it will run out in 2011, followed by Europe & # 39; s RIPE in 2012 and the ARIN of North America in 2015.
What they meant by & # 39; running out & # 39; is that as time goes by, they manage scarcity by distributing smaller and smaller address blocks to organizations that request it.
Ironically, many of the already assigned IPv4 addresses are still available and have only fallen into disuse, and that is where address recycling comes in.
The long-term solution is supposed to be IPv6 completed in 1998, increasing the address space to 128 bits and the number of possible IP addresses to a very large number (2128).
The problem with moving to IPv6 is that because it requires operating systems, websites, and routing hardware to support it, it runs very slowly.
If you have already registered a website at an IPv4 address, why use an IPv6 equivalent? An internet connection with two separate address spaces is like driving on the left, but we are told that it might be a good idea to drive on the right too – people understandably understand what they know.
What could eventually drive people to IPv6 is economy. As soon as the costs of IPv4 addresses exceed a threshold, IPv6 suddenly looks more attractive.
Unfortunately, exactly the same criminals will go to second-hand IPv4 addresses. ARIN's last case is probably not the last.
(tagsToTranslate) law & order (t) arin (t) ip-address (t) ipv4 (t) ipv4-fraud (t) ipv6