On Wednesday, Moscow hosted an annual meeting of the Netoscope project dedicated to reviewing the results of 2024 and discussing plans for the future.
Opening the meeting, Director of the Coordination Center for TLD .RU/.РФ Andrey Vorobyev emphasized the importance of such events for understanding the current agenda and challenges in addressing DNS abuse.
“These annual meetings are a good opportunity to compare notes on the current situation in countering the use of the domain name system for illegal purposes and identify the most pressing problems and tasks. Due to the trusted environment of the Netoscope project, participating companies can promptly exchange information when incidents are detected, which is crucial for minimizing potential damage from DNS abuse,” Andrey Vorobyev added.
Olga Baskakova, Project Manager at the Coordination Center, who summarized the 2024 results, spoke about the tools currently used by the participants and opened a discussion on the improvements to further develop of the project. She noted that the project database now contains more than 5.2 million domains, with more than 167,000 malicious resources added in 2024, 160% more than a year earlier. The bulk of them (119,124) are malicious domains known to be associated with malware. In total, the Netoscope list includes 279,229 phishing domains, 4,381,781 domains engaged in malware distribution and management, and 445,379 spam domains.
Alexander Vurasko from Solar Security discussed the patterns that attackers use to create chains of phishing websites, changes in the types of attacks and new challenges.
“Modern phishing shows a high level of process automation, and a shift away from the use of domains associated with popular brands in favor of automatically generated links not related to any specific brand,” Alexander Vurasko noted.
Konstantin Melnikov of Infosecurity highlighted the key phishing delivery channels such as contextual advertising, apps and messengers, and offered his vision of upgrading the project.
Nikita Novikov (Technical Center of Internet) presented proposals for finalizing the Netoscope database and the timeframe for their implementation.
The meeting ended with a discussion on the possibilities for the project’s further development and its role in improving internet security.
Netoscope is a research platform for aggregating data on malicious resources in national top-level domains, which has been in operation since 2012. Thirteen Russian companies contribute to its work.
