Prankster acquires Taliban Government domain amidst gov.af limbo
The US and others may have withdrawn from Afghanistan, but many Afghan Government websites and email addresses under the .gov.af top-level domain are still very much dependent on services hosted outside of the country – mostly in the US.
By taking control of Afghanistan, the Taliban has inherited these government domains and now shares web hosting and mail servers with several other governments around the world, including the UK Government. In many cases, emails sent to .gov.af domains will be routed through US-hosted servers, presenting intelligence opportunities if the new Taliban government were to continue using them.
What will happen next?
The Taliban has been hostile to internet usage in the past, but it remains to be seen what will happen to the 23,000 .af (including nearly 1,000 .gov.af) websites that existed before it seized control of Afghanistan.
It would not be surprising to see the Taliban eventually shut down any .af websites it does not approve of, but there may be others it would want to keep in order to facilitate a smooth transition to a new government. However, with so many of these sites dependent on infrastructure that is physically located in the US or in other countries far away from Afghanistan, it would not be surprising to see some significant changes being made to where these sites are hosted and how their email is handled.
At the time of writing, websites like
Fake Taliban Government
The Taliban’s takeover of Afghanistan has evidently led to a state of limbo in the administration of .gov.af, with Bill Woodcock (executive director of PCH, the company providing DNS for .af)
This situation was exploited earlier this week when a prankster using the pseudonym “Simon Pop” and a US mailing address was able to register the domain
The domain status for taliban.gov.af has already been updated accordingly in its WHOIS records:
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited Domain Status: addPeriod https://icann.org/epp#addPeriod Domain Status: serverRenewProhibited https://icann.org/epp#serverRenewProhibited Domain Status: serverHold https://icann.org/epp#serverHold Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
The serverHold status is set by the domain’s Registry Operator and means the domain is not activated in DNS, while serverUpdateProhibited locks the domain and prevents it from being updated.
This serverRenewProhibited status code indicates that the domain’s Registry Operator will not allow its registrar to renew the domain. This code is usually used during legal disputes or when a domain is subject to deletion.
It may not just be the Taliban that would want to take down or otherwise control Afghanistan’s existing websites. For instance, the official Twitter account of Zabihullah Mujahid, the
However, this website is no longer available because the domain cannot be resolved due to its
Domain Name: ALEMARAHPASHTO.COM Registry Domain ID: 2547563081_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://tucowsdomains.com Updated Date: 2021-07-17T06:39:12 Creation Date: 2020-07-21T14:48:16 Registrar Registration Expiration Date: 2022-07-21T14:48:16 Registrar: TUCOWS, INC. Registrar IANA ID: 69 Reseller: Hover Domain Status: clientHold https://icann.org/epp#clientHold Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Although that website has gone, it seems perhaps more remarkable that Twitter permits the Taliban spokesman’s account but has banned the