Schwartz On Security: Remove Dangerous Sites From Internet

Should domain name registrars and businesses with compromised, malware-spewing websites be dropped from the Internet?

When it comes to the websites used by attackers to host malicious code or bump unsuspecting visitors onto their botnet, choosing a way to procure or exploit any given website must be challenging with so many options.

Scammers sometimes use rogue domain name registrars to just steal websites outright. But according to a new study from McAfee, many scammers are also pursuing a free-market approach -- serving up malicious code from websites with domain names registered in countries with low prices, easy registration and relatively few controls.

The McAfee study examined 27 million websites, and found that the world's riskiest domain is now the top-level-domain workhorse, .COM. In terms of countries, .VN (Vietnam) is the single riskiest domain, with 29% of its registered websites ranking as risky. That's an increase from just 1% of its websites posing a risk last year. Cameroon's .CM, Armenia's .AM and the Cocos Islands' .CC round out the list of riskiest domains.

Vietnam's shift highlights attackers' flexibility. "This report underscores how quickly cybercriminals change tactics to lure in victims and avoid being caught," said Paula Greve, director of web security research for McAfee Labs. "Last year, Vietnam's .VN was a relatively safe domain, and this year it jumped to the third most dangerous domain. Cybercriminals target regions where registering sites is cheap and convenient and pose the least risk of being caught."

Meanwhile, another one of the year's riskiest domains, Cameroon (.CM), likely jumped to prominence, she said, over a typo. Omit a letter from your favorite .COM website's address, and you may land at a malicious website serving up malware via drive-by downloads that exploit known vulnerabilities. Bingo, your PC silently joins a botnet.

One fat-finger workaround is to search for domain names via Google. But Google isn't 100% safe either, thanks to concerted efforts by attackers to poison its search results.
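
The .COM-to-.CM slip described above is a one-letter omission, which defenders can look for in DNS or proxy logs. The following is an added example (not from the article or the McAfee study), generalized to any single dropped letter in a watched domain; the watched-domain list, the log format and the log lines are constructed assumptions:

```python
# Added example: flag queried names that equal a known-good domain with one
# letter dropped ("example.cm" for "example.com"). All data is constructed.
KNOWN_GOOD = {"example.com", "intranet.example.com", "example.org"}

# Constructed resolver-log lines: "<timestamp> <client> <queried name>"
SAMPLE_LOG = """\
2024-01-01T09:14:02Z 10.0.0.15 example.com
2024-01-01T09:14:09Z 10.0.0.15 example.cm
2024-01-01T09:15:41Z 10.0.0.22 exmple.com
2024-01-01T09:16:03Z 10.0.0.31 EXAMPLE.ORG.
2024-01-01T09:17:20Z 10.0.0.31 unrelated.cm
"""

def normalize(name):
    """Lower-case and strip the trailing root dot so comparisons are exact."""
    return name.strip().lower().rstrip(".")

def one_letter_dropped(candidate, legit):
    """True if candidate equals legit with exactly one character removed."""
    if len(candidate) != len(legit) - 1:
        return False
    i = 0
    while i < len(candidate) and candidate[i] == legit[i]:
        i += 1
    # After the shared prefix, the rest must match once legit[i] is skipped.
    return candidate[i:] == legit[i + 1:]

def find_omission_typos(log_text, known_good=KNOWN_GOOD):
    """Return (client, queried, intended) for each query that looks like a
    known-good name with one letter omitted. Exact matches are not flagged."""
    good = {normalize(d) for d in known_good}
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than guess at fields
        client, name = parts[1], normalize(parts[2])
        if name in good:
            continue
        for legit in sorted(good):
            if one_letter_dropped(name, legit):
                hits.append((client, name, legit))
                break
    return hits

if __name__ == "__main__":
    for client, queried, intended in find_omission_typos(SAMPLE_LOG):
        print(f"{client} queried {queried} (likely meant {intended})")
```

A hit only means the name is one keystroke away from a watched domain; whether the destination is actually malicious still has to be checked against reputation data.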
