Cybersecurity

July 2024: Domain Activity Highlights

The WhoisXML API research team analyzed more than 7.3 million domains registered between 1 and 31 July 2024 in this post to identify five of the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.

eco Launches Survey on the Adoption of DNSSEC

Domain Name System Security Extensions (DNSSEC) are security protocol extensions for the Domain Name System (DNS), designed to ensure the integrity and authenticity of DNS data.

On a DNS Threat Hunt for DISGOMOJI

Cyber espionage is not uncommon and often occurs between rivals. And though the cyber attackers' tactics and techniques remain the same, their tools do not.

The Most Phished Brands of 2024 in the DNS Spotlight

The Zscaler ThreatLabz 2024 Phishing Report named Microsoft, OneDrive, Okta, Adobe, SharePoint, Telegram, pCloud, Facebook, DHL, WhatsApp, ANZ Banking Group, Amazon, Ebay, Instagram, Google, Sparkasse Bank, FedEx, PayU, Rakuten, and Gucci as the 20 most phished brands.

Uncovering DNS Details on Operation Celestial Force

Advanced persistent threat (APT) groups will employ any means necessary to compromise the networks of their intended targets. And for Cosmic Leopard, that means using GravityRAT, an Android-based malware, and HeavyLift, a Windows-based malware loader, in their most recent operation Cisco Talos has dubbed "Operation Celestial Force."

Global DNS and Domain Activity Trends in Q2 2024

Our research team analyzed more than 21.5 million domains registered between 1 April and 30 June 2024, as seen in the Newly Registered Domains (NRDs) Data Feed.

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

Keonne Rodriguez and William Lonergan Hill, founders of Samourai Wallet, a cryptocurrency mixing service, were sentenced in April 2024 and their sites taken down for executing more than US$2 billion in unlawful transactions and laundering more than US$100 million in criminal proceeds.

A Peek at the V3B Phishing Kit Attack via the DNS Lens

Phishing is and remains a top threat. Google alone blocks around 100 million phishing emails daily, and it doesn't help that phishers get extra help from phishing kits -- ready-made cybercrime tools that allow even cybercriminal newbies to launch attacks following a few simple steps.

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Threat researcher Dancho Danchev recently uncovered 130 domains that seemingly belong to fake cryptocurrency sellers. The WhoisXML API research team sought to find potential connections to the threat by expanding the current list of indicators of compromise (IoCs) using our vast array of DNS intelligence sources.

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

A new advanced persistent threat (APT) group dubbed "Unfading Sea Haze" has been trailing its sights on various organizations based in countries surrounding the South China Sea.