Security News > 2021 > December > Silent danger: One in five aged domains is malicious, risky, or unsafe
The number of malicious dormant domains is on the rise, and as researchers warn, roughly 22.3% of strategically aged domains pose some form of danger.
Based on that, efforts in detecting strategically aged domains before they get the chance to launch attacks and support malicious activities have picked up pace.
Unit42 explains in its report that strategically aged domains are three times more likely to be malicious than NRDs. In some cases, these domains stayed dormant for two years before their DNS traffic suddenly increased by 165 times, indicating the launch of an attack.
Another clear sign of a purposefully aged domain that is meant to be used in malicious campaigns is DGA subdomain generation.
DGA domains played a vital role in that campaign, carrying 23.22% of the traffic on the activation day, which spiked 56 times higher than normal DNS traffic volumes.
In most cases, strategically aged domains are used by sophisticated actors who operate in a more organized context and have long-term plans.