STE WILLIAMS

Almost all .science malicious, .cricket rigged, boffins find

Almost every one of the hundreds of thousands of websites in 10 top level domains including all under .review and .zip are malicious, according to research.

More than 95 percent of the hundreds of thousands websites in each of ten top level domains (TLDs) including .country, cricket, .science, and .party are flogging spam, malware, or adware.

The shocking findings published by security firm Blue Coat are part of a review canvassing millions websites requested by its clients of 15,000 businesses and 75 million global users.

“Most of these websites are being leveraged by attackers in spam and scams and to distribute potentially unwanted software,” the bluecoat study Do Not Enter [pdf] says.

“Others are related to search engine optimisation positioning or other ‘junk sites’ that would be classified as suspicious.

“… businesses should consider blocking traffic to .work, .gq, .science, .kim and .country [and] the remaining five TLDs in the top 10 shadiest TLDs list deserve similar consideration.”

Examples of the scam sites show basic scams such as shock sites that foist malware or surveys on victims who attempt to view bogus videos.

Malware and bots are not frequently slung on the shady sites. The reasons for this are not described in the report.

Some TLDs are considered safe, including .sucks which demands up to a $2000 annual registration fee, something that prices scammers out of the market.

The .mil military TLD clocked the least number of shady sites at 0.24 percent. The .London TLD featured in the dux list sporting 1.85 percent of bad sites among its registered total.

Blue Coat warns that smaller players operating TLDs like .ck for the Cook Islands may lack the resources to maintain the current safe standing.

TLD operators need to pay the Internet Corporation for Assigned Names and Numbers US$185,000 for the privilege to operate and demonstrate the means to run the registry.

There are no requirements to impose the scrutiny on domain buyers which creates the opportunity for abuse, Blue Coat says. ®

Sponsored:
Go beyond APM with real-time IT operations analytics

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/09/03/blue_coat_domain_report/

  • 03/09/2015
  • adm
Comments are closed.