Malware authors utilise parked domains
Some authors of malicious malware, have started targetting parked domain names in an attempt to create a wider network of zombie machines. Around 100 domains parked at NameDrive, one of the largest domain parking companies on the Internet, were pointing to an “ad server” that was setup to serve trojan malware. This server accounted for 10% of web-based malware attacks blocked by filtering service ScanSafe.
The malware server apparently was one step outside of the common pattern. This meant that the attacks which started in June, were only recently detected. ScanSafe have detected 126 sites that have infected adverts on them. The majority of the affected domains have the german (.de) and dutch (.nl) extensions. NameDrive and ScanSafe say that they are working together to identify the exact cause and execution of the attack.
Domain Parking is a common process that is used to park domain names which an owner does not have a use for. The services can often bring good revenue to a domain owner who has a popular domain name. When parked, a domain name displays adverts relating to the keywords chosen by the user. These targeted ads then provide revenue when clicked on, a percentage of which goes to the domain owner.
I have a number of domains personally with NameDrive, as they are all names that were purchased and that either myself or my business have not worked on yet. I would link to one as an example, however I would expect this to be outlawed in NameDrive’s TOS (Terms of Service) agreement. I certainly am interested to see what happens in this case…hopefully both companies can work together to fix whatever needs fixing.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Leave a comment