Posted by: PhishDestroy

Date: May 2026

Evidence Archive: https://phishdestroy.eth.limo/

TL;DR

An independent investigation containing 61 SHA-256 verified screenshots and a permanent IPFS archive alleges that ICANN-accredited registrar NameSilo (IANA #1479) has enabled large-scale cybercrime through years of inaction on abuse reports.

Key findings include:

81.5% of registered domains identified as dead or parked

Alleged $50.8M in phantom revenue

Alleged cover-up involving the xmrwallet.com case

Abuse reports reportedly ignored for years

Multiple documented examples of phishing infrastructure remaining online after reports

1. NameSilo Abuse - Systemic, Not Accidental

According to the investigation, the issue goes beyond isolated incidents.

The archive contains 61 exhibits claiming that Namesilo abuse reports submitted to abuse@namesilo.com were ignored despite proof of delivery and supporting evidence.

Examples cited include:

Abuse complaints remaining unresolved for 30+ days

Historical complaints dating back as far as 2018

Victims reporting financial losses linked to domains registered through NameSilo

The report argues that these cases indicate a pattern rather than isolated mistakes.

Key Claims

81.5% of NameSilo domains are dead or parked

$50.8M in alleged phantom revenue

Public defense of the operator behind xmrwallet.com

Failure to remove reported phishing infrastructure

2. NameSilo Phishing Domains

The report claims that Namesilo phishing domains appear frequently across several scam categories, including:

Tax impersonation scams

Cryptocurrency scams

Fake e-commerce stores

Wallet drainers and clone websites

Reasons cited include:

PrivacyGuardian WHOIS protection

Cryptocurrency payment options

Limited domain suspensions after abuse reports

The investigation also references an ICANN complaint that was reportedly closed while the registrar remained contractually compliant.

3. NameSilo as a Bulletproof Registrar

The report argues that NameSilo operates similarly to what researchers describe as a "Namesilo bulletproof registrar."

Characteristics cited include:

Minimal identity verification

Continued service to repeat offenders

Lack of action after abuse reports

Protection of customer identities through privacy services

Additional allegations include:

Removal of negative reviews

Reputation management campaigns

Actions against critics instead of reported phishing domains

4. Eight Years of Ignored Abuse Reports

Examples highlighted in the archive include:

FTC complaint allegedly unanswered

Historical reports from Reddit and BitcoinTalk users

Security researchers allegedly penalized after reporting scams

Reports from CERT teams receiving little or no response

The report concludes that abuse handling failures appear consistent over multiple years.

5. NameSilo Scam Report Highlights

The investigation's primary claims include that the Namesilo scam report:

More than $100M allegedly stolen through xmrwallet.com

81.5% dead-domain rate

$50.8M in alleged phantom revenue

61 SHA-256 verified screenshots

The archive states that all evidence has been preserved and permanently stored via IPFS.

6. How to Report Suspicious NameSilo Domains

The Report Namesilo domainst recommends escalating beyond standard registrar abuse channels.

Suggested options include:

File an ICANN DNS Abuse Complaint

Submit reports to FTC or FBI IC3

Report phishing URLs to Google Safe Browsing

Contact the hosting provider directly

Report incidents to APWG

The investigation also recommends preserving evidence through screenshots and cryptographic hashes.

7. Bulletproof Registrars and Registrar Fraud

The report identifies several Bulletproof registrars list that it claims follow similar patterns:

NameSilo

Webnic

NiceNic

According to the investigation Domain registrar fraud, common characteristics include:

Limited abuse enforcement

Repeated scam-related registrations

Reliance on weak regulatory oversight

The report argues that domain registrar abuse is not limited to offshore companies and can involve accredited registrars.

8. Phishing Infrastructure Takedown

When a registrar does not act, the report suggests that find Phishing infrastructure takedown:

Step 1

Escalate to the registry operator (such as Verisign for .com domains).

Step 2

Submit reports to law enforcement agencies.

Step 3

Raise awareness on cybersecurity communities and forums.

Step 4

Seek legal advice where appropriate.

The report notes that public pressure can sometimes contribute to domain seizures and enforcement actions.

Final Call to Action

Evidence Archive:

https://phishdestroy.eth.limo/

Review the archived exhibits, examine the evidence, and conduct your own assessment.

If you encounter phishing or fraudulent infrastructure, document the evidence, report it through appropriate channels, and share relevant information with the cybersecurity community.

Discussion and feedback are welcome.