ICANN Issued Breach Notice to .TOP Registry After URLAbuse Complaint

URLAbuse has successfully initiated action against the .TOP Registry Operator, leading to the Internet Corporation for Assigned Names and Numbers (ICANN) issuing a Notice of Breach. The breach notice, dated July 16, 2024, highlights multiple compliance failures by the .TOP Registry Operator, which include neglecting abuse reports and non-adherence to required internet security protocols.

URLAbuse, which operates a community-based URL blacklist, identified and reported various instances of abuse within the .TOP domain. These abuses included phishing attacks, malware delivery, and other forms of malicious conduct. Despite repeated notifications, the .TOP Registry Operator failed to address these issues, prompting URLAbuse to escalate the matter to ICANN.

In response to the complaint, ICANN conducted a thorough investigation and found the .TOP Registry Operator in breach of several key obligations under the Registry Agreement. These breaches include:

1. Failure to Comply with the Uniform Rapid Suspension System (URS): The .TOP Registry Operator did not lock domain names within the required timeframe nor did it notify the URS Provider as mandated.
2. Failure to Provide Required Abuse Contact Information: The operator did not display necessary contact details for handling abuse reports on their website.
3. Failure to Confirm Receipt of Abuse Reports: There was a lack of confirmation to reporting parties that their abuse reports had been received.
4. Inadequate DNS Abuse Mitigation: The operator did not have an effective process in place for investigating and acting on reports of DNS abuse.
5. Non-Payment of Fees: The operator failed to pay due fees on time as required by the agreement.

ICANN has given the .TOP Registry Operator until August 15, 2024, to take corrective actions. These include implementing a detailed plan to comply with URS requirements, updating their website with necessary abuse contact information, confirming receipt of abuse reports, and ensuring effective DNS abuse mitigation. Failure to meet these requirements may result in ICANN initiating termination proceedings under the Registry Agreement.

This incident has sparked a discussion about how domain name registries handle abuse complaints and safeguard cybersecurity, and ICANN's action demonstrates that registries that fail to address security concerns in a timely manner face serious consequences in the form of possible revocation of domain name administration privileges. As cyberattacks and abuses increase, the watchdog role of community organizations is especially important to help improve overall cybersecurity standards and compliance.