Font size:
Decrease - Increase +
Page background:
Ordinary White Black Blue
Letter spacing:
Ordinary Average Big
Images:
On Off
Disable visually impaired version close
Version for visually impaired people
News

The DomainTools names the domain zones most often used to register malicious domains

18 july 2022

Cybersecurity company DomainTools has published its Spring 2022 Report, naming and shaming top level domains that it says are overrepresented for badness. It categorizes malicious use cases into three main categories: phishing, malware distribution, and spam. The report does not rank domain zones by the absolute number of names used for a particular type of illegal activity; instead, it compares the total number of registrations with the number of domains involved in malicious activity.

The general trend that can be traced in the report is quite obvious and remains in force for several years: the lower the cost of registration, the higher the chances that a domain name will be used for unseemly purposes. Cybercriminals register dozens and hundreds of domains in order to have time to transfer their "business" from one address to another as they are included in the block lists, and therefore the issue of cost is of paramount importance to them. At the same time, as Domain Name Wire notes, registries can be very diligent in fighting malicious registrations and blocking them as soon as they receive information about illegal activity. But the problem is that by the time this information is received, the malicious domain has already managed to cause a lot of trouble.

In the “phishing” category, the top five most “malicious” domain zones look like this: .BUZZ, .GQ (national domain of Equatorial Guinea), .GA (national domain of Gabon), .REST, .ML (national domain of Mali). The leaders in malware distribution are .XYZ, .CC (national domain of the Cocos Islands, Australian Outer Territory), .BUZZ, .CFD and .CYOU. And the .CAM, .BAR, .SURF, .XYZ, and .CLICK domains were particularly successful in spreading spam. The popularity of the .XYZ domain among cybercriminals is noteworthy: it is not only represented in two of the three categories, but also leads one of them. The document states that the number of cases of using domain names in the .XYZ zone for spreading malware is not only not decreasing, but is also growing rapidly: compared to the previous report, it has grown from 207,000 to 323,000.

Previous News Next news

Read also in the section "News"

25 september First Auction Contender for the First Next Round New gTLD Determined 25 september The IP&IT LAW – 2025 Started 24 september Legal Aspects of Digital Services 23 september Slovakian ccTLD Registry Starts Auctions of Premium Domain Names in October 23 september IT Timurovites-Game Practitioners Festival Held in Barnaul 20 september RCC Interested in Increasing of Domain Registrars Number
Contact us
+7 495 730-29-71 Call Ask a question
About the center What we do
Management structure
Contact information
Services WHOIS
WHOIS+
Domain selection
Trademark check
Domain security
Expiring domains
Media center News
Publications
Events
Domains .RU domain names
.РФ domain names
Domain name registrars
Official documents
Help Domains and trademarks
Information security
Internet literacy