Handy malicious domain registering service available to cybercriminals
Posted on 03 December 2012.
Despite its illegal nature, the industry revolving around cybercrime follows the same rules characteristic for any human economic enterprise: those who discover a need, create a product or service that will satisfy that need and sell it to the highest bidder will prosper.


Among those are surely the software developers that manage to automate a lot of boring and time-consuming tasks for the crooks engaged in the actual money/information stealing.

Webroot's researcher Dancho Danchev is known for keeping a tab on such tools and services being offered on underground forums, and his latest discovery involves a malicious domain name registering/managing service.

As a rule, cyber crooks attempting to increase the life cycle of their malicious campaigns will use domains hosted on bulletproof servers, fast-fluxing (automatic rotation of the domain's IP address), and random domain name generation. This recently discovered service makes it easier for the criminals to effectively execute this last step.

"Fast domain registration frees you from routine," boasts the service. "Using our service, you can register domain scores in 3 clicks."

"The service allows them (cybercriminals) to register randomly generated domains in mass, instantly change IPs and Name Servers, and cross-reference with anti-spam checklists for verification of clean/flagged IPs," Danchev explains.

It also allows filtering of the database of the domains that were registered using the service, and checking whether any of those domains has been blacklisted.

Cyber crooks can choose between a number of TDLs: .in, .org, .pro, or a combination of them. The price, of course, varies, with .pro being the cheapest at $5.

Finally, the availability of the generated domains is verified, and the criminals can proceed to register them and use them.






Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //