Malwarebytes, a cybersecurity company, has released a new product, Malwarebytes Browser Guard. This free plugin is available today for three popular browsers: Chrome, Firefox and Edge. It is designed to protect users from danger, including visiting websites with potential threats.
However, it looks like the developers of Malwarebytes Browser Guard have outdone themselves. Their product does not only block potentially malicious websites but also entire domain zones. The .CLUB gTLD has fallen victim to this overzealous vigilance. When attempting to visit a website in this domain zone, the plugin flashes a warning that access is “blocked due to a suspicious top-level domain (TLD).” It goes on to claim that “these [domains] are frequently used by scam or phishing sites, but can be used by legitimate websites as well.”
Users can specifically choose to continue to the blocked website, but these warnings clearly will cause traffic to plummet. Meanwhile, it is very difficult to call .CLUB a cybercriminal lair, with tens of thousands of domains in the new gTLD leading to perfectly legitimate websites, including those of many sports and leisure clubs, as well as professional associations and venues. Domain industry and cybersecurity experts have already criticized this approach and deemed it excessive. Representatives of Malwarebytes admits that its product is new and the algorithm may need tweaking, but the company still says that Browser Guard uses domain zone blacklists from the most reputable sources. However, this claim sounds questionable: for example, according to the data of the highly regarded organization SpamHaus, there only were 198 cases of domain abuse in .CLUB last summer, compared with over 5,000 cases in .COM according to Forbes. It is clear that the number of domains registered in these zones is beyond comparison, but, according to SpamHaus, malicious domains account for only 0.9 percent of all registrations in the .CLUB domain zone. This is hardly a reason to declare the entire gTLD suspicious.
