Archive LiveRead-only public record · No ads · No tracking
CASE / IANA 3858 VERDICT
IANA #3858 Verdict: Public Accreditation, Public Consequences
A companion file on how registrar identity laundering becomes much less magical when public IDs stay attached.
File 004·Verdict·5 min read·Editorial mirror
Public record copy. Brand names withheld, public accreditation numbers preserved. If the body below says “we”, that means the original publisher, not this mirror. TER only preserves, redacts, and re-contextualizes.
IANA #3765 is not just a "poor performer" — it is a statistical impossibility in legitimate commerce. According to the Cybercrime Information Center's 2025 data, their possibly phishing score of 1,141.74 makes them host 320 times more confirmed fraud per registration than industry norms.
While legitimate registrars maintain scores below 10, IANA #3765 operates at 100-300x the industry average. This is not negligence — this is infrastructure designed for fraud. These indicators of compromise (IOCs) demonstrate systematic abuse-tolerant hosting practices that violate ICANN compliance standards.
Evidence confirms IANA #3765 support staff deliberately refuses to open attachments to maintain legal "deniability." Domains reported with 16+ VirusTotal detections remain active for 1,000+ hours. This pattern undermines domain threat intelligence efforts across the industry.
Recommended By Scammers
Dark web forum post recommending IANA #3765 because they ignore all abuse reports - EXPOSED
Research by Brian Krebs ("Soulless" investigation) exposed IANA #3765 as the primary home for Russian Gambler Panel networks. Scam-panel operators actively train their affiliates to use IANA #3765.
"Use IANA #3765. They are loyal to our business. If THE ENABLERS REGISTRY reports, ignore it. IANA #3765 will send their standard 'lack of evidence' refusal automatically."
— Leaked [REDACTED] instructions from Gambler Panel operators
Soulless Machine
Brian Krebs identified a network of over 1,200 identical scam sites using IANA #3765 infrastructure — all running the same drainer scripts.
Gambler Tech Intel
[REDACTED] groups openly recommend IANA #3765 for hosting crypto drainer operations, citing their "loyalty to business."
December 2025 — IANA #3765's most catastrophic failure
$8,500,000
Confirmed Loss Threshold
Full Stack Control
IANA #3765 was both the Registrar AND Host for the exfiltration infrastructure. They had absolute technical power to kill the nodes but deliberately kept them online.
Operator Watching Live
The IANA #3765 operator was Online in [REDACTED] during the heist. They lacked Premium privacy, exposing their status. They ignored forensic alerts as millions were stolen.
100% Operational Continuity
Infrastructure remained active until the final cent was drained. IANA #3765 provided the thieves with complete operational support.
Exfiltration Infrastructure
[REDACTED]
[REDACTED]
The Public Confession
On January 10, 2026, IANA #3765's Twitter account posted a manifesto that shocked the security community:
"We are not against scamming... we here to make cash."
After the post went viral, they staged a fake "Russian hack" using the name "Juliani" to maintain deniability before ICANN. But the damage was done — their true stance was revealed.
The Pattern Is Clear
Automated refusals + scammer endorsements + Twitter confession + $8.5M heist = This is not a compliance failure. This is a business model.
Evidence & Documentation
Download the forensic reports that IANA #3765 claims are "insufficient":
IANA #3765 (IANA 3765) is not an industry peer — it is an infrastructure partner for global cybercrime. The evidence is exhaustive. The theft is catastrophic. The time for warnings is over.
