Cybercrime

Cybercrime / Featured Blogs

IoT Devices Will Never Be Secure - Enter the Programmable Networks

May 09, 2017

Harvard Business Review just ran an interesting article on the information security aspects of Internet of Things (IoT). Based on the storyline, the smart city initiatives are doomed to fail unless the security of the IoT devices and the systems will be improved. While security of the digital society is obviously a key concern, I am not entirely convinced that relying on the security of individual devices and systems is the best course of action.

Sorry, Not Sorry: WHOIS Data Must Remain Public

Apr 27, 2017

In March, I posted a call to action to those of us in the community who have the inclination to fight against a movement to redact information critical to anti-abuse research. Today, I felt compelled to react to some of the discussions on the ICANN discussion list dedicated to the issue of WHOIS reform: Sorry, not sorry: I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams.

Loudmouths Wanted for ICANN WHOIS Replacement Work

Mar 24, 2017

TL;DR? It's worth reading, BUT, if not -- ICANN has yet another group looking at WHOIS, and there is a huge push to redact it to nothing. I spend easily half my day in WHOIS data fighting online crime, losing it would not make my job harder, it will make it impossible. PLEASE JOIN THE ICANN GROUP and help us fight back against people who are fighting in favour of crime.

EFF’s Emerging Alignment With Offshore Internet Pharmacies

Mar 21, 2017

The last few years have been challenging ones for members of the Canadian International Pharmacy Association. First, in 2010, they lost their ability to advertise in the US search space after the US Department of Justice noted that many seemingly "Canadian" pharmacy websites "sell drugs obtained from countries other than Canada" when shipping medicines into the US, and major search advertising programs tightened their policies, effectively excluding CIPA's members from advertising in the US.

New Ad Fraud Schemes Utilize Alpha-Numeric Domains

Mar 21, 2017

The breach of the Democratic National Committee e-mail system and a massive digital advertising fraud believed to be run by alleged actors in Russia share a common thread beyond their ability to capture the news cycle. Although each event targeted a different weakness in brand/online security platforms, the common denominator is the use of fraudulent domain names.

Alliance for Safe Online Pharmacies Honors Leading Companies at ICANN

Mar 21, 2017

Last week the Alliance for Safe Online Pharmacies (ASOP Global; www.BuySafeRx.pharmacy) presented its inaugural Internet Pharmacy Safety E-Commerce Leadership Award to two organizations during the Generic Names Supporting Organization (GNSO) Joint Meeting of the Registries and Registrars Stakeholder Groups at ICANN58 in Copenhagen, Denmark, it was announced on Tuesday.

ICANN Complaint System Easily Gamed

Mar 14, 2017

ICANN's WDPRS system has been defeated. The system is intended to remove or correct fraudulently registered domains, but it does not work anymore. Yesterday I submitted a memo to the leadership of the ICANN At-Large Advisory Committee (ALAC) and the greater At-Large community. The memo concerns the details of a 214-day saga of complaints about a single domain used for trafficking opioids.

So Long, Farewell: The Worst DDoS Attacks of 2016

Feb 28, 2017

The year 2016 will go down in infamy for a number of reasons. It was the year an armed militia occupied an Oregon wildlife refuge, Britain voted to Brexit, an overarching event that will simply be referred to as The Election occurred, and Justin Bieber made reluctant beliebers out of all of us. 2016 was also the worst year on record for distributed denial of service (DDoS) attacks by a margin that can only be considered massive.

We Urgently Need a New Internet

Feb 15, 2017

Let's be honest about it. Nobody -- including those very clever people that were present at its birth -- had the slightest idea what impact the internet would have in only a few decades after its invention. The internet has now penetrated every single element of our society and of our economy, and if we look at how complex, varied and historically different our societies are, it is no wonder that we are running into serious problems with the current version of our internet.

Narcotics Traffic Is Not Part of a Healthy Domain System

Feb 15, 2017

A stack contrast is emerging within the DNS between providers who tolerate blatantly illegal domain use and those who do not. Our study, just published here focuses on five U.S.-based providers, their policies, and their response to reports of opioid traffic within their registry or registrar. There are many providers, not covered here, who removed hundreds of domains selling opioids and I applaud their efforts.

Industry Updates

eco Survey Shows: One in Four Germans Has Been a Victim of Illegal Websites

  • By eco
  • Dec 20, 2024

A DNS Investigation of the 32 Doppelganger Websites Seized by the U.S. Government

Investigating the Proliferation of Deepfake Scams

Five Years of Domain Security Insights: CSC’s Latest Findings on Global 2000 Companies

  • By CSC
  • Nov 01, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Profiling a Popular DDoS Booter Service’s Ecosystem

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

DNS Deep Diving into Pig Butchering Scams

Investigating the UNC2975 Malvertising Campaign Infrastructure

A Log4Shell Malware Campaign in the DNS Spotlight

A Fake ID Marketplace under the DNS Lens

Behind the Genesis Market Infrastructure: An In-Depth DNS Analysis

Rogue Bulletproof Hosts May Still Be Alive and Kicking as DNS Intel Shows

Phisher Abusing .com TLD?

View More