The Internet Corporation for Assigned Names and Numbers (ICANN) terminated on Tuesday its contract with Estonia-based EstDomains, blocking the company's ability to offer Internet registration services, but temporarily stayed the judgment the following day to assess the firm's response to the accusations against it.

The act by ICANN, which recognizes companies to manage the Internet's domain-registration procedure, follows numerous charges that malicious sites had registered through EstDomains and after the CEO of the company, Vladimir Tsastsin, was found guilty of credit-card fraud by a county court in Estonia. The Computer Emergency Response Team for Estonia has associated the company with Russian organized crime, as per the article in the Washington Post's SecurityFix blog.

Having an officer guilty of a felony is grounds for dismissing the Registrar Accreditation Agreement, ICANN stated in a letter (pdf) sent to EstDomains's Tsastsin on Tuesday.

"The enclosed Estonia Court records express that you were condemned of credit card fraud, money laundering and document forgery on 6 February 2008," the letter stated. "EstDomains' has submitted official documents to ICANN that state that you are the President of EstDomains.”

On Wednesday, ICANN postponed the termination process to "assess the merits of the claims made in EstDomains’ response" to the group's letter. The company claimed (pdf) that Tsastsin had invoked the country court's verdict to the nation's Supreme Court on June 16, 2008, an act that would holdup the legal effects of the verdict. The company also laid claim that Tsastsin had stepped down as CEO about a week later, pending the outcome of the appeal.

Security firms F-Secure and McAfee lauded ICANN's conclusion to terminate EstDomains' registrar agreement. F-Secure's Mikko Hyppönen charged the firm with being a outstanding hub for cybercrime activity.

"Tens of thousands of harmful domains have been registered with EstDomains," Hyppönen said in a blog post on Wednesday. "These contains drive-by-download sites, botnet command-and-control servers, spammed domains,etc. Many of the modern false antivirus tools as well as rogue codecs have been running via EstDomains. In reality, EstDomains is among the greatest registrars in the world and they've registered over 280,000 domains. Not all of them are bad, of course. But a big part of them are."

In a posting mailed earlier this month to the mailing list of the North American Network Operators Group (NANOG), an individual claiming to represent EstDomains admitted egress with the critique that network operators had leveled against his company.

"Payment systems employed in Eastern Europe tend to favor anonymity -- which, apparently is also favored by criminals. However, it's the exclusion and not a rule. We've ceased taking all unidentified payment systems quite awhile ago, and have new arrangement with one of Russia's largest payment systems where, if we report abuse, they will lock the criminal's account and accounts linked to it