The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups. The campaign was disclosed last week by Microsoft, which linked it to the same group of Russian intelligence operatives responsible for the massive SolarWinds intrusion that breached federal agencies and private corporations.
Using social engineering tricks, the hackers were able to change the DNS settings of their victims' domain names, redirecting connections and mail to their own servers. GoDaddy, the world's biggest domain-name registrar, confirmed "a small number of customer domains and/or account information" were altered after "a limited number of GoDaddy employees" were duped.
The United States this week announced that it seized a total of 92 domain names that an Iran-linked adversary was leveraging in a global disinformation campaign. The manner in which these domains were being used was in violation of sanctions the U.S. imposed on both the government of Iran and the IRGC. As of April 2019, the United States has designated the IRGC as a foreign terrorist organization.
Pages for inactive domain names can be exploited by cybercriminals to take you to malicious sites, says Kaspersky. Most of us at some point have likely tried to open a website only to discover that the site no longer exists, replaced by a landing page indicating that the domain has expired or is up for renewal.
Facebook on Monday announced that it filed a lawsuit in Virginia against 12 domain names for their deceptive behavior. The 12 fraudulent domain names, which include facebook-verify-inc.com, instagramhjack.com and videocall-whatsapp.com, were registered by India-based proxy service Compsys Domain Solutions Private Ltd., and the social platform sued them for impersonating Facebook apps and services.
Business email compromise attacks continue to be a thorn in companies' sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims.
One site registered in Russia offers a coronavirus cure for $300. Check Point Research found a spike in coronavirus domain name registrations earlier this month as hackers increase malicious activity around the illness. Check Point listed "Vaccinecovid-19.com" as an example of a malicious site.
Bargain basement gTLDs and glyph attacks using IDNs are powering phishing attacks, with fraudulent registrations on the rise. Worse yet, phishing sites are increasingly getting security certificates.
DNS leak flaw outside of bug bounty scope, it seems. Kaspersky's Android VPN app whispered the names of websites its 1,000,000-plus users visited along with their public IP addresses to the world's...
When ICANN introduced domain names that can use non-ASCII characters, it created opportunities for phishers. Here's how that can be overcome.