Huge Number of TLDs Used to Support Malicious Web Practices - Blue Coat

Security vendor Blue Coat carried out research for months and then revealed that a number of TLDs (top-level domains) are used almost fully to support botnets, spam campaigns and phishing.

Blue Coat noted that domains are no more restricted to .com, .org and nation of origin; instead, operators of websites can select from a wide range including .edu, .link, .review, .mil and .work amongst others.

However, the employment of several TLDs is far from genuine; instead, the researchers say that more than 95% of websites in 10 various TLD "neighborhoods" are considered cynical and in 2 domains, .review and .zip, every URL analyzed is related to tainted use.

Blue Coat examined hundreds of millions of online requests from more than 15,000 businesses and 75 million Internauts to test the authenticity of ten different TLDs. Security team of Blue Coat in its report reveals that a domain was considered "doubtful" if it enclosed scams, spam, malware, a botnet link, potentially unwanted software (PUS) or was linked to phishing campaigns.

The domain was granted the tribute of being "non-shady" in case it became clean.

The report revealed: "Much has changed since the beginning of Internet when web had only six common top level domains (TLDs). By June 2015, the number of valid TLDs issued became more than one thousand. As the number of TLDs has increased, the opportunities for attackers have also increased because these TLDs with more number of shady sites can provide productive ground for malicious activity."

Businesses should consider to block traffic which leads to the dangerous TLDs like .gq. .work, .kim, .science and .country.

Techienews.co.uk published news on 1st September, 2015 quoting Dr. Hugh Thompson, Chief Technical Officer of Blue Coat Systems, as saying "Due to eruption of TLDs in recent years, we have found an astounding number of almost entirely grayish Web neighborhoods coming up at an alarming rate. Blue Coat's analysis has revealed that the surge in shady TLDs is providing more opportunity for the bad actors to participate in malicious campaigns. In order to construct better security measure, it is necessary for consumers and business houses to gain knowledge about the most malicious sites."

» SPAMfighter News - 9/17/2015