79M new malicious domains were flagged for the first half of this year

September 30, 2022

Security researchers flagged approximately 79 million new malicious domains in 2022’s first half, indicating that about 13 million of these domains were created per month since January. In a NOD (newly observed domain) dataset, researchers have only minutes to measure and determine whether a newly created domain is malicious, a task carried out through fully automated detection systems.

Based on the findings, about 1 in 5 newly created domains is tagged as malicious by the detection system that spotted them. Once the domains are flagged, ISPs (Internet Service Providers) and network carriers can immediately block them to prevent them from being used for attack purposes.

The creation of new malicious domains by hackers has grown exponentially over the past years.

Experts state that these domains are generally created to serve as a platform for propagating cyberattacks. Most of these attacks involve phishing that aims to steal data from victims, and the domains also serve as a platform to inject malicious payloads into a victim’s computer through malware-carrying files.

Several threat groups also use different malicious domains within a single campaign, since in some instances they utilise them for various attack stages. This process involves the hackers dumping a previously used domain and jumping to another one after an initial attack stage has finished.

Users and organisations are advised to protect themselves with a layered security firewall to ensure an adequate shield against such clever tactics.

Despite all efforts to block these new malicious domains before a threat actor can utilise them, separate security researchers still believe that measuring and determining whether or not they are malicious will always be a challenge. Moreover, hackers have also been inventing techniques to bypass security checks, hence the occasional appearance of malicious websites that conduct cyberattacks.

Nevertheless, through security companies’ novel tools and approaches to address and mitigate threats within the DNS layer, users should be less worried about the chances of landing on these domains.

Even though the technologies for detecting these new malicious domains are actively at work, users should still be attentive when engaging with, interacting with, and entering their credentials on websites that appear suspicious.
