Exploring Newly Released Top-Level Domains
Sept. 2, 2024, 4:09 p.m.
Description
An investigation into 19 new top-level domains (TLDs) released in the past year revealed various malicious activities, including phishing campaigns, distribution of potentially unwanted programs, torrenting websites, and pranking campaigns. The study found a correlation between the TLDs' general availability dates and their popularity, indicating that different groups closely follow the launch of new TLDs to initiate domain registration and usage, including for abuse. The research utilized a graph-based detection system to analyze domain relationships and identify coordinated attack campaigns. Case studies highlighted redirection campaigns, chat bot services, and torrenting clusters. The investigation emphasizes the importance of monitoring domains registered under new TLDs to discover and track new trends and attack campaigns.
Date
Published: Sept. 2, 2024, 3:40 p.m.
Created: Sept. 2, 2024, 3:40 p.m.
Modified: Sept. 2, 2024, 4:09 p.m.
Indicators
Attack Patterns
T1590.001
T1583.002
T1584.001
T1568
T1583.001
T1071.004
T1608.001
T1102.002
T1586
T1589.002