Spamhaus News | March 31, 2020

Cybercriminals will always take advantage

In their pursuit of criminals, cyber investigators need transparency when it comes to accessing domain registration data from WHOIS. Today, such concerns are coming from governments whose citizens are facing an avalanche of attacks exploiting the COVID-19/Coronavirus pandemic. In recent days, the U.S. Department of Justice filed a temporary restraining order against registrar Namecheap to suspend a domain that was used to host fake COVID test kits, citing that, “NameCheap, Inc. plays a critical role in the scheme by serving as the domain registrar of the website, which allows potential victims to access the website.”

The Office of the New York Attorney General has also contacted registrar GoDaddy and others, expressing concern that “cybercriminals have been registering a significant number of domain names related to ‘coronavirus’ in recent weeks” and has outlined “steps to prevent bad actors from taking advantage of the current crisis” in their correspondence.

Here, we are looking at one of the several ways that miscreants exploit domain names, by utilizing bulk registration services to provide them with means to launch attacks from multiple origins.

Read full article by Dave Piscitello here.

SOURCE The Spamhaus Project