Domain Names

Fishing for QR Code Phishing Traces in the DNS

Threat actors have been seen yet again abusing a technology meant to make things easy for all of us -- QR codes -- in one of the most commonly utilized cybercriminal activities - phishing. The rise in QR code phishing isn't surprising given that according to several studies, as much as 86% of the entire global population use their mobile phones for all kinds of transactions, including financial ones. more

Catching Messenger Phishing Footprints Using a DNS Net

A phishing campaign is currently targeting Facebook business accounts with password-stealing malware. The attackers have been using a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages. more

Rhysida, Not Novel but Still Dangerous: DNS Revelations

Rhysida, a new ransomware currently plaguing users may not be novel, but it's proving to be just as effective. Fortra published an in-depth analysis of the malware currently holding the data of healthcare organizations primarily based in the U.S. hostage. more

The Makings of ADHUBLLKA According to the DNS

It's not uncommon for cybercriminals to tweak an existing piece of malware and then call it a new creation. We've seen that happen even in malware's earliest days. It's actually happening more and more these days, especially with the rise of the malware-as-a-service (MaaS) business model. more

Historic Sale of betting.online by Radix Sets New Record for nTLDs

Radix announced the sale of the domain betting.online for $400,000. The sale was directly done via the registry and was facilitated by escrow.com. This is the highest* sale in the last 5 years for any new gTLD and ties the spot for the 5th highest* domain sale YTD among all TLDs in 2023, as per DNJournal. more

Probing the DNS for Signs of XLoader Abuse

XLoader has been plaguing macOS users since it was first discovered in 2021. Back then, though, it only posed a threat to those who opted to install Java on their systems. more

DNS Abuse and Redirection: Enough for a New JS Malware to Hide Behind?

DNS abuse combined with redirection seems to be gaining popularity as a stealth mechanism. We've just seen Decoy Dog employ the same tactic. More recently, a still-unnamed JavaScript (JS) malware has been wreaking havoc among WordPress site owners by abusing Google Public DNS to redirect victims to tech support scam sites. more

Join the 2023 .US Town Hall to Discuss Top Priorities and Future Goals

The .US annual town hall is taking place next month, November 2, 2023 at 12p.m. ET. Registry Services, the usTLD Administrator, will host a live forum to discuss annual efforts, top priorities, and future goals for the United States' country-code Top-Level Domain, .US. more

Hot on the DNS Trail of the 16shop Phishing Kit Operators

Phishers the world over have been patronizing and utilizing the 16shop phishing kit since at least 2018. The kit's users have been known to steal data and money from the customers of some of today's biggest brands, including Amazon, American Express, and PayPal. more

Does Your Supplier’s Domain Oversight Impact You?

You are a distributor that sells your supplier's brands, so aside from worrying about your own company's domains, you've got nothing else to worry about, right? more