LibertyReserve.com domain saized by US government (FBI)? RSS - comments

2 days ago we wrote the article about the arrest of Arthur Budovsky, the supposed owner and founder of LibertyReserve payment processor. We confirmed his ownership by providing the link to the first LibertyReserve interview published by PlanetGold.

Our information were based on the two CostaRica's newspaper sources: ticotimes.net and teletica.com. We still have no confirmation from any other official sources except csi-8.com - Consulting International Services in Costa Rica and this is unusual situation. Why people responsible for the current situation leave victims without any official update? If Spanish police and FBI were involved in this matter why they do not publish any official statememnt? Today is a business day but not for the United States. Today is Memorial Day and all offices are closed, so maybe this is the reason of no reaction.

There are still some questions without the answer:

Why FBI didn't publish their splash page about a domain seizure on libertyreserve domain as they usually do?

Why sinkhole.shadowserver.org is not online?

Is it really FBI job or just DDoS or hijack domain attack?

I don't like to speculate without some proofs or reliable information, you can find many on other blogs an forums (competitors job, domain hijacking). However I did some research and found some interesting information that proof US goverment activity.

Let's start from the current dns information of libertyreserve.com domain:

http://who.is/dns/libertyreserve.com

Name Server                          IP Location
ns1.sinkhole.shadowserver.org 74.208.64.145 Wayne, PA, US
ns2.sinkhole.shadowserver.org 74.208.15.160 Wayne, PA, US
ns1.libertyreserve.com 74.208.15.160 Wayne, PA, US

There is the same ip address for two dns' addresses 74.208.15.160 which you can find also when you ping or nslookup libertyreserve.com domain:

Name: libertyreserve.com

Address: 74.208.15.160

Let's verify this ip:

 

Let's reverse this IP now and we will check which other domains are using this host:

http://www.domaintools.com/research/reverse-ip/?hostname=74.208.15.160

Reverse IP Lookup Results

3 domains hosted on IP address 74.208.15.160:

drezpass.com
ezpasstag.com
yourcondoco.com 

These domains are offline but if you google them, you can verify that all these domains were seized by US government:

"According to the Complaint, from November 2008 to the present, Khandakar and Saelim used at least 50 stolen American Express credit cards to purchase EZ Pass tags and credits, which were resold through the drezpass.com and www.ezpasstag.com websites that they created. " 

http://www.forbes.com/sites/billsinger/2012/03/29/ez-pass-fraud-using-stolen-credit-cards-seems-too-easy/

 

"Drezpass.com offered discounted E-ZPass tags using stolen credit cards, say Manhattan federal prosecutors who tallied the ripoff to E-ZPass at more than $100,000.

 The feds identified the cyber-scammers as Rana Khandakar and Usawan Saelim, both 27 and from Brooklyn.

http://www.nydailynews.com/new-york/brooklyn/e-zscam-2-brooklyn-men-busted-internet-based-credit-card-scheme-article-1.1052451#ixzz2UUroDmKi

 

I doubt if these crooks are connected to LibertyReserve owners, but both were operating in Brooklyn.

Still not believe? Visit this page:

http://tvshack.net and you will see this splash page:

In my opinion it is only a matter of time when we see this page on libertyreserve domain. Why? Because tvshack.net domain was also redirected before to the warning-placeholder IP address: 74.208.15.160

Proofs:

http://www.yougetsignal.com/tools/web-sites-on-web-server/

check as domain:  74.208.15.160

You will Find 21 domains hosted on the same web server as 74.208.15.160.

ae-central.com

callservice.biz - also seized by U.S. authorities
community.tvshack.net - also seized by U.S. authorities

filespump.com- also seized by U.S. authorities

kingdom-kvcd.net

libertyreserve.com

livewaresystems.com - also seized by U.S. authorities

movies-links.tv - also seized by U.S. authorities

now-movies.com - also seized by U.S. authorities

planetmoviez.com - also seized by U.S. authorities

thepiratecity.org -also seized by U.S. authorities

tvshack.net - also seized by U.S. authorities

www.condovip.com

www.landsendmemorial.com

www.libertyreserve.com

www.now-movies.com - also seized by U.S. authorities

www.planetmoviez.com - also seized by U.S. authorities

www.tvshack.net

www.zml.com - also seized by U.S. authorities

yourcondoco.com

zml.com - also seized by U.S. authorities

 

The second proof: http://www.dslreports.com/forum/remark,25218295

"I know that the US gov't has been seizing domain names, which is why tvshack.net moved to tvshack.cc.

It now appears that the US gov't can somehow seize or control the DNS records for .cc domains (and I invite anyone here to explain how they can do that).

But the larger issue here is that I'm trying to access tvshack.cc's website by going directly to their last known IP address which is 84.22.98.3, and EVEN HERE we see that it's being redirected to the warning-placeholder IP address 74.208.15.160.

Can someone explain how pointing my web browser to 84.22.98.3 is being re-directed to 74.208.15.160 ?"

 

and read the first comment here: http://ddos.arbornetworks.com/2010/07/takedown/

"Curious about how this was implemented, which I think is part of the legality question. Some of the seized domains point to a 1and1.com ip address, which is apparently also hosting a number of sites that weren’t seized (or at least don’t have the fancy DoJ welcome message):

http://www.robtex.com/ip/74.208.15.160.html

There’s no redirect or anything either – it looks like 74.208.15.160 is serving up the DoJ notice. So they “seized” the domain but still leave it running on a private hosting company rather than a government server? Odd."

 

I've no doubts that libertyreserve.com domain were saized by US agents, but this work has not been finished yet or maybe they didn't decide yet what to do with this service. In other words, they arrested the owner but LibertyReserve company has a different jurisdiction and its own legal personality. This could be a barrier to seize a whole company.

It's also worth to notify, that the biggest competitor of LibertyReserve - PerfectMoney - stopped accepting US members in the same time when LibertyReserve website went down. We could read this info on their website:

"Dear Perfect Money Customers,

We bring to your attention that due to changes in our policy we forbid new registrations from individuals or companies based in the United States of America. This includes US citizens residing overseas. If you fall under the above mentioned category, please do not register an account with us.

We apologize for inconvenience caused." 

Is it a coincidence? I doubt. PerfectMoney website is currently offline or loading very slow and this is also not a good signal for their members.

Summarizing, we still are basing on unconfirmed information and speculations, but the whole situation doesn't look good. Even if the owner is arrested I hope that the company will not be closed. Even if LibertyReserve is not empty of money, the process (if any) for recovering money will be very complicated and time consuming (no complete or fake base of members).

Ivaho from Money-Monitor TEAM

Comments


2013-05-27 20:58:50

More official news about the current situation with LR:
http://www.bbc.co.uk/news/technology-22680297

"Don't Steal....The Government Doesn't Like Competitors"

CATEGORIES

Money Monito Chat

Money-Monitor CHAT

  • No offending
  • No spam (no referral link)
  • No flood

Advertising

Compare IP

Subscribe
Money Monitor

Login to your account

Forget password?
Back to Login
Money Monitor
I am a:

Sign up for Money-Monitor account to:

  • - set notifications
  • - send complaints
  • - send messages
  • - create portfolio
  • - send comments
  • - join to our chat

Subscribe for free for the last news from the online investment industry!

You will be the first to know about news, reviews, updates and contests.