Cyber-criminals choosing Non-chargeable “ce.ms” Domains, Reports Zscaler
Cyber-criminals have migrated to "ce.ms" domains away from "co.cc" and hosting malware on them following Google's act of thwarting the co.cc domains, Zscaler the security company observes.
Indeed, Zscaler spotted several ce.ms domains that were abusing different familiar client-side security flaws.
On decoding this malware, it has been found having an association with the Blackhole malware toolkit that abuses several different client-side flaws.
During June 2011, Google began labeling mass "co.cc" domains when it noticed several of them supporting malicious software. The company stated that often thousands of sub-domains were registered simultaneously as also utilized for disseminating scareware or other malware.
Zscaler noted that certainly, all websites that were hosted on free domains weren't necessarily malevolent; however, they were largely acceptable to people seeking for contaminating others' computers. The company therefore advised users to maintain caution incase they saw a dubious appearing web address which had a freely available domain name, to remain protected.
Cyber-criminals will keep on exploiting the widely acceptable free domains. With Microsoft withdrawing the lawsuit against the domain provider of botnet Kelihos and the service acquiescing for joint task with the organization for devising as also enforcing best practices for stopping non-chargeable sub-domains' exploitation, one can hope the knowledge emerging from the joint-task will spread to more free domain suppliers.
Related article: Cyber Child abuser Sentenced To Imprisonment
» SPAMfighter News - 10-11-2011