Infosecurity has registered hundreds of domain names similar to the names of popular brands
Using the ETHIC service, the Infosecurity experts have found mass registration of domains of famous brands in the Russian Internet. Now we’ll explain for what purposes new sites with servers in Belize were created.
In recent days, Infosecurity Company has recorded the growing popularity of domain names in the .RU zone with various combinations of names of popular brands ending with -off. The number of such domain names is already in the hundreds, and they keep appearing. Even though none of these domains are linked to any active website, all this may signal an impending large-scale phishing attack.
The Infosecurity specialists suggest that all these domain names are registered by one person or a group of persons, as all new resources have common features. Firstly, the domains are registered through the same Russian registrar company, and secondly, they are all tied to a server located on the technical premises of Ispiria Company in Belize, a small country in Central America. By the way, this company is often used to host phishing and other malicious sites.
“In just one day, on October 20, our ETHIC threat detection service recorded 192 new domain names ending in -off.ru. Considering that the cost of registering one domain name by the selected registrar is 199 rubles, the total costs of the buyer of these domains amounted to about 40 thousand rubles. This is quite a significant amount of money, so hardly anyone registered all these domain names just for fun, most likely the domain owner will soon start to monetize them. There are a lot of monetization scenarios: they can be used to boost network traffic, for phishing mailings, or to create full-fledged phishing sites,” – Sergey Trukhachev, Head of Special Services Unit at Infosecurity, says.
There has been a failure so far to reveal certain patterns in the brands selection. The list of domains includes oil companies, pharmacies, mobile operators, and fashion brands popular in Russia.
The Company's experts warn that the outbreak of resources whose domain names match with the names of brands should be a wake-up call for these brands’ owners. In the current environment, the possible activity with these domain names should be closely monitored to be able to take speedy protective measures.
Project of the Year 2020: Contest Results
Infosecurity (a Softline Company) traditionally took part in the Project of the Year 2020 Contest by the Global CIO IT Community. This year, the contest was held for the ninth time and became one of the key communication platforms for sharing experiences and expert opinions of CIOs and top managers.
Infosecurity Supports the "Charity Instead of Souvenirs" Initiative
The year 2020 has been tumultuous and challenging for each of us: some have overcome the constraints of this year safely, others have got the worst of it. However, there is a special category of people that most need help and support – children experiencing difficult living situations. That is why, on New Year’s Eve, Infosecurity has reached out to those who need help and support.
Infosecurity Solution is included in the Unified Register of Russian Software
The ISOC Platform for Cyber Security Incidents Monitoring and Response developed by Infosecurity has been included in the Unified Register of Domestic Software in accordance with the Order of the Ministry of Digital Development, Communications and Mass Media of the Russian Federation of December 14, 2020. Introducing the solution in the Unified Register of Russian Software opens up new prospects for Infosecurity cooperation with public sector customers.