Handy malicious domain registering service available to cybercriminals
Posted on 03 December 2012.
Despite its illegal nature, the industry revolving around cybercrime follows the same rules characteristic for any human economic enterprise: those who discover a need, create a product or service that will satisfy that need and sell it to the highest bidder will prosper.


Among those are surely the software developers that manage to automate a lot of boring and time-consuming tasks for the crooks engaged in the actual money/information stealing.

Webroot's researcher Dancho Danchev is known for keeping a tab on such tools and services being offered on underground forums, and his latest discovery involves a malicious domain name registering/managing service.

As a rule, cyber crooks attempting to increase the life cycle of their malicious campaigns will use domains hosted on bulletproof servers, fast-fluxing (automatic rotation of the domain's IP address), and random domain name generation. This recently discovered service makes it easier for the criminals to effectively execute this last step.

"Fast domain registration frees you from routine," boasts the service. "Using our service, you can register domain scores in 3 clicks."

"The service allows them (cybercriminals) to register randomly generated domains in mass, instantly change IPs and Name Servers, and cross-reference with anti-spam checklists for verification of clean/flagged IPs," Danchev explains.

It also allows filtering of the database of the domains that were registered using the service, and checking whether any of those domains has been blacklisted.

Cyber crooks can choose between a number of TDLs: .in, .org, .pro, or a combination of them. The price, of course, varies, with .pro being the cheapest at $5.

Finally, the availability of the generated domains is verified, and the criminals can proceed to register them and use them.






Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //