Globale Cyberkriminalitäts-Hauptstadt: Besser nichts auf .tk öffnen

Tokelau, a small Pacific territory, has become a global center for internet criminal activities, all thanks to its free domain system .tk. This island nation, isolated from the rest of the world, now bears the burden of being the global center of cybercrime. Here’s how it all began…

Few have heard of the small island of Tokelau, but why would they? It is a territory with just over 1,500 inhabitants located in a remote part of the southern Pacific Ocean. This small territory, which administratively belongs to New Zealand, consists of three coral atolls with a population that lives modestly, mainly from fishing and agriculture. Tokelau never expected to play a role in the global technological world, let alone become synonymous with internet fraud, but that is what happened. This remote place was last connected by phone in 1997, and just three years later, a fax arrived on the island with an incredible business proposal that seemed like a great business opportunity for small Tokelau. The fax was sent by an early internet entrepreneur from Amsterdam named Joost Zuurbier, who wanted to manage Tokelau’s top-level domain with a country code or ccTLD – a short string of characters placed at the end of a URL. What .hr is for Croatia, .tk is for Tokelau. Until then, the team from the small atolls had no idea they had been assigned a ccTLD.

– We discovered .tk – recalled Aukusitino Vitale, who was the general director of Teletok, the only telecommunications operator in Tokelau at the time.

No Free Lunch…

By the late 90s, the internet was experiencing exponential growth, and one of the key components of this new digital world was internet domains. Countries began to receive their own domains, recognized by national suffixes (country code top-level domains or ccTLD), but unlike most countries, Tokelau did not have the technical or financial capacity to manage its ccTLD .tk. There was almost no technical infrastructure, and the islanders were more focused on survival on the distant atolls than on modern technologies.

—

—

However, everything changed when Zuurbier sent them an offer, proposing to take over the management of their .tk domain in exchange for a share of the revenue. The idea was simple: allow users around the world to register .tk domains for free, but with ads. Those who wanted to avoid ads on their pages or keep the domain for more than a year had to pay a small fee.

At first, the offer seemed like an opportunity for the little-known territory to become part of the digital world and perhaps generate revenue without additional costs. Tokelau accepted the offer and granted Zuurbier the right to manage its domain. What they could not foresee was the enormous popularity of that free domain – but also the dark consequences that followed.

Bigger than China

After the agreement, within a few years, small Tokelau became an unlikely internet giant, but not in the way they had hoped.

– We heard how successful .tk was. We were bigger than China. We were surprised, but we didn’t know what that meant for Tokelau. What was more important at the time was that we were getting money to help the villages. We didn’t know about the other side then, highlights Vitale.

However, as the decade progressed, Vitale felt that things were going off course. Until recently, his domain had more users than any other country: an incredible 25 million, with only one registered actually coming from that island, and that was the telecommunications operator Teletok. Thus, the .tk domain quickly became the most popular in the world, and many rushed to get their free domains. However, that rapid growth came at a price. Free domains attracted not only legitimate users but also those with less honorable intentions. Criminals quickly realized they could use them for illegal activities without taking any risks. Tokelau, small and isolated, did not have the capacity or knowledge to monitor what was happening with its domain on a global scale. Almost all registered .tk users were located outside the country, and the islanders were becoming increasingly aware that something was wrong. First, many contacted Vitale and complained about spam, viruses, and identity theft on .tk domains, and soon everything fell apart when alarming complaints arrived from the New Zealand administrator responsible for overseeing Tokelau, asking if he was aware of who the users of the .tk domain were. Allegations emerged that .tk websites were being used for pornography, and researchers discovered that jihadists and the Ku Klux Klan were registering .tk websites to promote extremism, while state-sponsored Chinese hackers were using them for espionage campaigns.

A Model Condemned to Crimes

Meanwhile, global security agencies, including Interpol and the FBI, began warning about the growing use of .tk domains for identity theft, spreading viruses, data theft, and other forms of cybercrime. Worst of all, the poor inhabitants of that island were labeled criminals, and many suggested that they were also profiting from the disaster called .tk. However, that was not the case, and the long-term damage to the small island and its reputation was irreparably harmed.

Many experts said that it was all actually inevitable.

– The model of giving away free domains simply does not work. Criminals will take free domains, exploit them, and then take more free ones, notes John Levine, a cybercrime expert.

Criminals Take Over

The free .tk domain system became a paradise for criminals. Since users did not have to pay anything or provide personal information, criminals could anonymously register domains and use them for various forms of fraud. One of the most common methods was setting up fake pages that looked like original websites of banks, social networks, or online stores. In this way, criminals could deceive users and steal their passwords, personal information, or money, and they did.

Additionally, .tk domains were often used to spread malware, so users who visited such sites often left with a virus or trojan that would give criminals access to that computer. Such activities quickly led to the .tk domain becoming notorious on the internet, which was confirmed by research showing that as much as 40 percent of all .tk domains were linked to illegal or malicious activities.

Whose Responsibility

As complaints about the .tk domain grew, global pressure on Tokelau became inevitable. International organizations and security agencies demanded that the islanders take responsibility for the criminal activities occurring under their national domain. However, due to limited resources and knowledge, Tokelau found itself in an unenviable position. Former Teletok director Aukusitino Vitale recalled the moment when Tokelau began to realize the extent of the problem.

– At first, we did not understand what the global success of our domain meant. We thought it was just an opportunity for additional income, but soon we realized that .tk had become a symbol of criminal activities on the internet, said Vitale.

—

—

Although some attempts to rectify the situation were made, the problem was too great for a small territory like Tokelau. Zuurbier, who managed the domain, repeatedly promised to clean up the registration system and remove malicious sites, but the results were minimal, as it was still about his money. Under increasing pressure from the international community and growing awareness of the harmfulness of its domain, Tokelau began negotiations with New Zealand authorities in 2023 about the possibility of terminating the contract with Zuurbier’s company called Freenom. Although this process is likely to be lengthy and complicated, the islanders are determined to regain control over their national domain and sever ties with global cybercrime. At the same time, Tokelau is preparing for important political decisions about its future. A referendum scheduled for 2025 will decide the political status of the territory, including the possibility of achieving a greater degree of autonomy or even independence from New Zealand.

Sinister Extensions

The story of Tokelau is not unique. Many small nations with their own internet domains have become targets for entrepreneurs from wealthier countries who wanted to exploit their digital resources. The term ‚digital colonialism‘ is increasingly used to describe this phenomenon in which wealthy countries or corporations exploit the digital assets of small and poor states without their active participation or benefit.

Authorities of small islands across the Pacific are cited in numerous stories that celebrate dumb luck or complain about mass abuse. For example, Tuvalu managed to turn .tv into about 10 percent of its annual GDP. Micronesia’s .fm is heavily promoted on radio stations and podcasts. Tonga’s .to is favored by torrent and illegal streaming websites. Anguilla in the Caribbean is intensively selling its .ai to technology startups. However, it seems that these success stories are exceptions. In 2016, a working group against identity theft discovered that along with .tk and .com, the Australian Cocos Islands (.cc) and Palau (.pw) together accounted for 75 percent of all registrations of malicious domains. They were flooded by phishers attacking Chinese financial institutions, and the Cocos Islands made headlines in Australia when websites allegedly containing images of child sexual abuse were recently found on their domain.

And there is the example of Niue, another Pacific territory, which further illustrates this problem. Niue is engaged in a legal battle against Sweden over the management of its .nu domain, which is extremely popular in Scandinavia because ’nu‘ means ’now‘ in Swedish. Niue claims it never gave permission for the use of the domain on such a large scale and that it receives almost no revenue from it, and it is not alone.