Threat Management, Threat Management

Most popular top-level domains among cybercriminals examined

Threat actors' 25 most preferred top-level domains account for 90% of all malicious domain names, while six of the leading TLDs are being manged by developing countries, according to BleepingComputer. Palo Alto Networks reported that while .com remains the most popular TLD, the .xyz, .icu, .rn, .cn, .uk, and .tk domains had the worst cumulative distribution of malware. Moreover, the .ga, .xyz, .cf, ,tk, .org, and .ml domains had the highest number of distributed malware. Threat actors involved in phishing attacks most commonly used the .net domain, followed by the .pw, .top, .ga, and .icu domains, while the .org, .info, .co, .ru, .work, .net, and .club domains were usually used for grayware distribution. "One of the most fascinating stories in the domain name world is how .tk, the ccTLD of a small Pacific island called Tokelau, became one of the most populous TLDs in the world. Domain registrations contributed at one point one-sixth of Tokelau's income," said the report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.