Exploring Newly Released Top-Level Domains

Sept. 2, 2024, 4:09 p.m.

Description

An investigation into 19 new top-level domains (TLDs) released in the past year revealed various malicious activities, including phishing campaigns, distribution of potentially unwanted programs, torrenting websites, and pranking campaigns. The study found a correlation between the TLDs' general availability dates and their popularity, indicating that different groups closely follow the launch of new TLDs to begin registering and using domains, including for abuse. The research used a graph-based detection system to analyze domain relationships and identify coordinated attack campaigns. Case studies highlighted redirection campaigns, chatbot services, and torrenting clusters. The investigation emphasizes the importance of monitoring domains registered under new TLDs to discover and track new trends and attack campaigns.

Date

Published: Sept. 2, 2024, 3:40 p.m.
Created: Sept. 2, 2024, 3:40 p.m.
Modified: Sept. 2, 2024, 4:09 p.m.

Attack Patterns

T1590.001

T1583.002

T1584.001

T1568

T1583.001

T1071.004

T1608.001

T1102.002

T1586

T1589.002