Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack

4 months ago 45
YOUR AD HERE
Cyber-AttackAccording to cybersecurity experts, bad actors are gearing up for a massive cyber-attack utilizing 500,000 domains explicitly registered for that purpose. File photo: Shutter Z, ShutterStock.com, licensed.

SANTA CLARA, CA – Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct fishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software.

That being said, according to cybersecurity experts at InfoBlox, threat actors are gearing up for a massive cyber-attack after utilizing Registered Domain Generation Algorithms (RDGAs) to register over 500,000 domains explicitly for that purpose.

RDGAs are an advanced, more flexible, and harder-to-detect offshoot of regular DGAs that hackers have used to register millions of domains under the cover of secrecy – as they allow users to register domains with a greater degree of privacy – and can be utilized to proliferate numerous online scams, ranging from phishing to malware and more.

InfoBlox researchers have noted the primary hacking group behind the upcoming cyber-attack: Revolver Rabbit – a long-time RDGA threat actor that often uses XLoader and Hancitor malware – has registered more than 500,000 .bond Top Level Domains (TLDs), all of which have been linked to the XLoader malware.

Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack: Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities.  Such domains are capable of pretending to be trusted entities,… https://t.co/LydJlaG7DD pic.twitter.com/IAytvYQBqx

— Shah Sheikh (@shah_sheikh) July 22, 2024

RDGAs are more difficult to detect than regular DGAs without extensive DNS data analysis due to the complicated patterns that they exhibit, ranging from random characters to constructed word combinations.

Manual research is not practical in detecting the massive number of malicious RDGA domains on the Internet. However, during a six-month period of time two million were detected at a rate of 11,000 new ones per day. Experts are now beefing up automatic RDGA detection technology – including as advanced DNS analytics-based security solutions for computer networks – which they say is the most effective way to combat the ongoing threat that RDGA domains can pose.

Filed Under: Domain Names, Security Issues Tagged With: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Read Entire Article