American domains .US as a phishing and malware incubator

Carding 4 Carders

The main domain of the United States has become a tool of scammers and cybercriminals.

Infoblox research has revealed that the US top-level domain (TLD), .US, has become a platform for registering thousands of new domains tied to a malicious link-shortening service used for fraud and malware distribution. That report was quickly followed by another naming .US as one of the TLDs most commonly used in phishing attacks over the past year.

Researchers from Infoblox tracked a link-shortening service that has been operating for about three years. They found that the fraudulent domains are usually between 3 and 7 characters long and are hosted on bulletproof hosting (BPH), which ignores complaints about content and legal claims. The shortener domains host no content themselves; they are used to hide the real address of phishing sites, i.e. landing pages designed to deceive users or install malware.

[Image: How the link shortening service works]

How the malicious pages are promoted is still unclear, but SMS fraud is suspected to be the main channel. Infoblox was able to trace the contours of the service thanks to pseudo-random patterns in the short domains, which at first glance look like a meaningless mix of letters and numbers. For this, it used a system that detects registrations of algorithmically generated domain names, the kind produced by domain generation algorithms (DGAs).

The researchers named the link-shortening service "Prolific Puma" and determined that, until May 2023, new registrations of malicious domains for Prolific Puma mainly went through .info. Since then, those behind the service have used .US for 55% of all domains created, with dozens of new malicious .US domains registered every day.
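As an added illustration of the pattern-based detection described above (my own example, not Infoblox's method or code), the following Python heuristic triages a feed of newly registered domains for short, vowel-poor letter/digit labels and reports what share of the flagged names fall under each TLD. The feed, the thresholds and the function names are all constructed assumptions.

```python
"""Heuristic triage of a new-registration feed for short pseudo-random labels.
The feed below is constructed sample data, not real indicators."""
from collections import Counter

VOWELS = set("aeiou")


def split_domain(fqdn):
    """Return (second-level label, tld) for a bare domain such as 'abc.us'."""
    label, _, tld = fqdn.lower().rstrip(".").rpartition(".")
    return label, tld


def letter_digit_transitions(label):
    """Count switches between letter and digit runs, e.g. 'k7x2q' -> 4."""
    kinds = ["d" if c.isdigit() else "a" for c in label if c.isalnum()]
    return sum(1 for a, b in zip(kinds, kinds[1:]) if a != b)


def looks_pseudo_random(label):
    """Constructed heuristic: a 3-7 character label scores one point each for
    mixing letters and digits, for >= 2 letter/digit transitions, and for a
    vowel ratio below 0.3; two or more points flags it."""
    if not 3 <= len(label) <= 7:
        return False
    letters = [c for c in label if c.isalpha()]
    digits = [c for c in label if c.isdigit()]
    score = 0
    score += bool(letters and digits)
    score += letter_digit_transitions(label) >= 2
    if letters:
        score += sum(c in VOWELS for c in letters) / len(letters) < 0.3
    return score >= 2


def triage_feed(feed):
    """Return flagged domains and each TLD's share of the flags."""
    flagged = [d for d in feed if looks_pseudo_random(split_domain(d)[0])]
    by_tld = Counter(split_domain(d)[1] for d in flagged)
    total = sum(by_tld.values())
    return flagged, {tld: n / total for tld, n in by_tld.items()}


NEW_REGISTRATIONS = [  # constructed sample feed, not real indicators
    "k7x2q.us", "b9zt4m.us", "p3vq8.us", "q2w9xz.us",      # short letter/digit .us
    "r3pq7.info", "zx9k4.info",                            # same pattern under .info
    "home.us", "web3.us", "mybakery.us", "example.info",   # human-chosen names
]

if __name__ == "__main__":
    hits, share = triage_feed(NEW_REGISTRATIONS)
    print(hits, {t: f"{s:.0%}" for t, s in share.items()})
```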

.US is controlled by the National Telecommunications and Information Administration (NTIA), but day-to-day management of .US has long been delegated to various private companies, which gradually allowed the US domain to turn into a swamp of phishing activity.

This is the conclusion reached by the consulting group Interisle, which publishes an annual report on the latest phishing trends. Back in 2018, Interisle found that .US domains were "first in the world" in terms of spam, botnets, and illegal or malicious content.

In its latest study, which examined 6 million phishing reports from May 1, 2022 to April 30, 2023, Interisle identified about 30,000 .US phishing domains. A significant number of .US domains were found to have been registered to target some of the most prominent US companies, including Bank of America, Amazon, Apple, AT&T, Citi, Comcast, and Microsoft. Others were used to impersonate or attack U.S. government agencies.

According to NTIA rules, registrars that process .US domain registrations must take certain steps to verify that their clients actually reside in the United States or own organizations based there.