New group provides threat intelligence to domain registrars, other firms

Share this article:
Name.com, Facebook and Verizon are among the companies backing the newly-formed group.
Name.com, Facebook and Verizon are among the companies backing the newly-formed group.

A new organization aims to prevent cyber crime by making sure the domain name industry receives the needed intelligence to immobilize criminals.

On Monday, the formation of the Secure Domain Foundation (SDF), a Canada-based non-profit, was announced. A number of companies, in and outside of the domain name industry, have backed the newly-formed group, from registrars Name.com, Nominet and Rightside Registry, to major service providers like Facebook and Verizon.

SDF provides a reputation and validation API, which allows users to quickly identity potential abuse, according to the group's website. In addition, the service enables domain registrars to comply with requirements established in the Internet Corporation for Assigned Names and Numbers' (ICANN) 2013 Registrar Accreditation Agreement.

On Friday, Chris Davis, the co-founder and president of SDF, who also serves as director of partnerships at CrowdStrike, told SCMagazine.com how the organization came about.

“The problems I was having as a researcher, was that [the majority of] modern malware actors used domain names for either command-and-control infrastructure or for distributing their malware,” Davis said. Too many times, an actor whose activities had been detected would simply register another domain name to continue their attacks, he added.

“What we are striving to do with the SDF is to provide domain registrars intelligence on the attackers,” he said.

Davis led efforts to identify and dismantle the Marisposa botnet, which, at one point, consisted of 13 million infected PCs spanning 190 countries.

He added that tech companies, like Facebook and Verizon, with expansive customer bases, were just as interested in using threat information to find, and stop, scams or infections being spread by attackers.

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

WikiLeaks makes FinFisher surveillance software available to public

Copies of controversial surveillance software, called "FinFisher," were made available for public scrutiny by WikiLeaks.

Researcher challenges reports that BlackPOS variant struck Home Depot

Nuix believes the malware found on Home Depot's systems belongs to a different threat family.

Documents reveal NSA plans to map every internet connected device in the ...

Documents provided by Edward Snowden reveal that the NSA is looking to build a near real-time map of every single internet-connected device in the world.