Proven Strategy.
Measured Results. News and analysis by John Colascione.

Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack

According to cybersecurity experts, bad actors are gearing up for a massive cyber-attack utilizing 500,000 domains explicitly registered for that purpose. File photo: Shutter Z, ShutterStock.com, licensed.

SANTA CLARA, CA – Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims. One of the most prolific is registering new domains to disseminate malware and conduct phishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software.

That being said, according to cybersecurity experts at Infoblox, threat actors are gearing up for a massive cyber-attack after utilizing Registered Domain Generation Algorithms (RDGAs) to register over 500,000 domains explicitly for that purpose.

RDGAs are an advanced, more flexible, and harder-to-detect offshoot of regular DGAs that hackers have used to register millions of domains under the cover of secrecy – as they allow users to register domains with a greater degree of privacy – and can be utilized to proliferate numerous online scams, ranging from phishing to malware and more.

Infoblox researchers have named the primary hacking group behind the upcoming cyber-attack: Revolver Rabbit. This long-time RDGA threat actor, which often uses XLoader and Hancitor malware, has registered more than 500,000 domains under the .bond top-level domain (TLD), all of which have been linked to the XLoader malware.

RDGAs are more difficult to detect than regular DGAs without extensive DNS data analysis due to the complicated patterns that they exhibit, ranging from random characters to constructed word combinations.

Manual research is not practical in detecting the massive number of malicious RDGA domains on the Internet. However, during a six-month period two million were detected, at a rate of 11,000 new ones per day. Experts are now beefing up automatic RDGA detection technology – including advanced DNS analytics-based security solutions for computer networks – which they say is the most effective way to combat the ongoing threat that RDGA domains can pose.
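To illustrate why name-by-name checks miss word-combination RDGA domains while analysis across many DNS observations can surface them, here is an added Python example; it is not Infoblox's detection method and not code from this article. The sample domains are constructed (using the reserved `.example` TLD), and the consonant-run check, the `shape` grouping and both thresholds are hypothetical choices made for this illustration.

```python
import re
from collections import defaultdict

# Constructed batch of domains first seen in one time window (not real indicators).
NEW_DOMAINS = [
    "garden-tools-shop-17.example", "travel-deals-now-42.example",
    "home-loans-help-08.example", "pet-food-store-93.example",
    "car-parts-sale-55.example", "qzxkvjwpbt.example",
    "acme-widgets.example", "cityhospital.example",
]

def longest_consonant_run(label):
    """Length of the longest run of consonant letters in a label."""
    runs = re.findall(r"[bcdfghjklmnpqrstvwxyz]+", label.lower())
    return max((len(r) for r in runs), default=0)

def per_name_flags(domains, min_run=5):
    """Per-domain lexical check: catches random-character names only."""
    return [d for d in domains
            if longest_consonant_run(d.split(".")[0]) >= min_run]

def shape(label):
    """Collapse a label to its structure: letter runs -> 'w', digit runs -> 'n'."""
    return re.sub(r"[0-9]+", "n", re.sub(r"[a-z]+", "w", label.lower()))

def bulk_clusters(domains, min_size=5):
    """Group second-level names by (TLD, shape); keep groups large enough
    to suggest one algorithm registered them in bulk."""
    groups = defaultdict(list)
    for d in domains:
        label, _, tld = d.partition(".")
        groups[(tld, shape(label))].append(d)
    return {k: v for k, v in groups.items() if len(v) >= min_size}

if __name__ == "__main__":
    # The word-combination names pass the per-name check unnoticed...
    print("per-name flags:", per_name_flags(NEW_DOMAINS))
    # ...but share one structure within one TLD, which the batch view exposes.
    for (tld, pattern), members in bulk_clusters(NEW_DOMAINS).items():
        print(f"cluster .{tld} shape {pattern}: {len(members)} domains")
```

On real data the grouping would also use registration time, registrar and name-server overlap, since a shared shape alone also matches benign naming conventions.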
