|
Facebook CEO Mark Zuckerberg, on 28 October in Connect 2021, introduced Meta, which will be Facebook’s parent company, along with the organization’s various apps and technologies. According to Zuckerberg, “Meta’s focus will be to bring the metaverse to life and help people connect, find communities, and grow businesses.”
Given the change that is set to further change the social media landscape, are we bound to see threats taking advantage of the Facebook rebranding? We sought to find out by looking at the NRD scene.
Our deep dive brought these findings to light:
The data we collated and analyzed to come up with the findings above is available for download here.
We began our investigation by downloading the typosquatting data feeds for the week of 25—31 October 2021, which coincided with Zuckerberg’s announcement.
A total of 314 newly registered domains (NRDs) containing the string “meta” were registered during the period. A majority of these domains (270 to be exact) were registered on 25 October. Take a look at the chart below for the breakdown by registration date.
Subjecting the 314 domains to a bulk WHOIS lookup showed that:
To date, typing the domain meta[.]com into your browser redirects to a facebook[.]com subdomain, specifically https[:]//about[.]facebook[.]com/meta. Should we then be monitoring subdomains containing the string “meta” as well for connections to ongoing threats? We sought to find out using Domains & Subdomains Discovery.
Using “facebook + meta” as a search string, we uncovered 54 subdomains, including:
None of these domains were owned by Meta (formerly Facebook) based on a WHOIS lookup. And while so far none of them are dubbed “dangerous” by malware engines, leaving similar subdomains insufficiently protected may make them ripe for subdomain takeover and end up being abused for malicious campaigns.
In the week following the Meta announcement, we looked at the registration volume of domains containing the string “meta.” We found a total of 5,555 NRDs, more than 1,000 domains each were registered on 29 October, 30 October, and 3 November 2021. Take a look at the breakdown shown in the chart below.
It isn’t surprising to see that more than 1,000 domains each were registered on the first two days following the announcement, as domainers could be racing against competitors to have such domains ready for anyone, including Meta and its app and technology users, who may be interested in buying them. And should Meta decide to use the meta[.]com for its homepage (instead of redirecting to a subdomain under facebook[.]com), we may see an upward trend in “meta”-containing domain registrations, as the number for 3 November is hinting at.
As the days progress and as Meta broadens its portfolio, we may see more domains and subdomains (malicious or otherwise) registered. For now, users seem to be safe from related threats but only time will tell if that trend will continue.
Contact us if you wish to conduct a similar research on new company, product, or service announcements. We can provide assistance via our wide range of WHOIS, IP, and DNS data solutions.
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix
Sponsored byIPv4.Global