Infoblox Warns: .US Domain Hub for Malicious Link Shortening Service
A recent report by Infoblox has exposed a significant security concern in the .US domain. The domain, managed by Neustar, has been found to host thousands of newly-registered domains tied to a malicious link shortening service, facilitating malware and phishing scams. This service, dubbed 'Prolific Puma', has been active for three years and is known for using short, seemingly random domains hosted on bulletproof hosting providers.
Until May 2023, the majority of new registrations linked to this malicious service were under the .info domain. However, since then, the .US domain has been used for approximately 55% of the total domains created. Infoblox's full report on Prolific Puma is available for further details.
The .US domain's lax verification process is a contributing factor. While NTIA regulations require domain registrars to verify customers' U.S. residency or nexus, GoDaddy allows customers to choose from pre-selected affirmative responses, making verification less stringent.
Interisle Consulting Group's studies have consistently shown the .US domain to be among the worst for spam, botnet, and illicit or harmful content. Between May 1, 2022, and April 30, 2023, Interisle identified approximately 30,000 .US phishing domains targeting prominent U.S. companies and government agencies.
Adding to the concern, more than 2,000 malicious link shortener domains ending in .US have subverted transparency requirements and converted to private registrations through NameSilo since October 2023.
The outsourcing of the .US domain management to private companies has allowed it to become a hub for phishing activity. With the recent surge in .US domain registrations tied to the malicious link shortening service, it's crucial for the NTIA to reevaluate and strengthen the verification process for .US domain registrations. Infoblox's report serves as a stark reminder of the importance of domain transparency and strict verification processes in preventing online fraud and cyber threats.
Read also:
- State Supreme Court Rules in Favor of Hogg Hummock Residents, Referendum on Zoning Change to Proceed
- Germany's Coalition Explores Social Security Reforms Amid Record Spending
- Hundreds of Steelworkers and Metalworkers Protest in Duisburg for 4% Pay Hike
- chaos unveiled on Clowning Street: week 63's antics from 'Two-Tier Keir' and his chaotic Labour Circus
