Newly registered domains (NRDs) are created at the astounding rate of about 200,000 every day and a recent report indicates that 70 percent of these are malicious or suspicious and used for a wide range of nefarious activities.
The NRDs are an interesting breed with some staying active for a very brief period, just hours, while others are quickly spotted behaving as command and control servers or distributing malware, phishing attacks or used for typosquatting. For the most part NRDs are registered under the .com TLD, but those registered under a country code extension tend to be malicious in nature.
Palo Alto Networks found NRDs registered as .to (Tongo) and .di Kiribati) had the highest rate of nasty domains with more than 90 percent in each case being considered malicious or suspicious.
Courtesy Palo Alto Networks: Top 15 TLDs with the highest malicious NRD rate.
Because there are such a high number of NRDs from specific locations Palo Alto Networks recommends combatting the problem using URL filtering.
“While this may be deemed a bit aggressive by some due to potential false-positives, the risk from threats via NRDs is much greater. At the bare minimum, if ac ..
Support the originator by clicking the read the rest link below.
