The number of malicious dormant domains is on the rise, and as researchers warn, about 22.3% of strategically aged domains present some form of danger. It’s a realization that struck analysts when it was revealed that the SolarWinds threat actors were relying on domains registered years before their malicious activities began.
On this basis, efforts to detect strategically aged domains before they have a chance to launch attacks and carry out malicious activity have gained momentum. A report from Palo Alto Networks' Unit 42 presents the findings of its researchers, who examined tens of thousands of domains every day in September 2021.
They concluded that about 3.8% are downright malicious, 19% are suspicious, and 2% are dangerous for work environments. In most cases, strategically aged domains are used by sophisticated actors who operate in a more organized context and have long-term plans. These domains are used to take advantage of domain generation algorithms (DGA) to exfiltrate data through DNS traffic, to serve as proxy layers, or to mimic well-known branded domains (cybersquatting).
Read More: BleepingComputer