Cyberattack

Global Domain Activity Trends Seen in Q4 2024

Our research team analyzed 24.4+ million domains registered between 1 October and 31 December 2024 from the Newly Registered Domains (NRD) Data Feed.

Tracking Down APT Group WIRTE’s DNS Movements

The WIRTE advanced persistent threat (APT) group has been active since at least August 2018. It has targeted government, diplomatic, financial, military, legal, and technology organizations in the Middle East and Europe.

New Year, Old Threats: What Does the DNS Reveal About 2025?

2025 is barely a few weeks old, but we've already heard reports of advanced phishing attacks leveraging generative artificial intelligence (AI). It's scary but not exactly surprising. Threat actors are expectedly using more sophisticated and modern attack techniques and will likely continue to rely on domain names as phishing vehicles.

Unraveling the DNS Connections of ToxicPanda

Banking Trojans have been around for decades and still persist to this day because they effectively siphon off victims' financial data and savings. And one of the latest additions to the ever-growing malware type - ToxicPanda - has been plaguing bank customers throughout Asia and Latin America since October 2024.

A DNS Deep Dive into New Crypto Threat “Hidden Risk”

As of 2024, more than 560 million people own cryptocurrencies worldwide, which could translate to more than half a million potential cyber attack victims. This widespread adoption may explain the emergence of threats like Hidden Risk, a malicious campaign that uses fake crypto news to distribute the RustBucket malware.

New WhoisXML API White Paper Highlights Registration Trends in Top gTLDs and ccTLDs

Anyone seeking to establish an online presence appears to have limitless options for reserving Internet domain names. But the question remains: which providers do registrants prefer?

A DNS Investigation of the GootLoader Campaign

Back in 2015, a survey found that cats drove 15% of the overall Internet traffic. That said, it is not surprising for threat actors to use cat-related content to lure victims to visit their malware-laden sites. Such was the case for GootLoader, which allowed cybercriminals to steal data and deploy post-exploitation tools and ransomware.

Silent Night, Deadly Sites: How Christmas Cyber Threats Lurk in the DNS

For many across the globe, Christmas represents a joyous time of celebration and giving. But it can also be a time for worry, especially for those unfortunate enough to get scammed while doing their holiday shopping.

Exploring the SideWinder APT Group’s DNS Footprint

The SideWinder advanced persistent threat (APT) group, also known as "T-APT-04" or "RattleSnake," has been active since 2012. It launched attacks against military and government entities in Asia.

New WhoisXML API Study Highlights Business Insights from ASN and ISP Data

As unique identifiers of entities that control IP ranges, autonomous system numbers (ASNs) provide valuable data. Understanding ASN distribution and deriving insights from it can significantly enhance strategic business and market analyses.