Infoblox researchers spotted a record 35-fold increase in newly observed ransomware domains compared to Q4 2015 based on its DNS (domain name system) Threat Index.
Infloblox did not give an exact number to reflect the increase, but said its index tracks the creation of malicious DNS infrastructures, through both registration of new domains and hijacking of previously legitimate domains or hosts, and has a baseline of 100 but hit an all time high of 137 in Q1 2016, according to the Infoblox DNS Threat Index Q1 Report.
Cybercriminals use the domains as a foundation for unleashing threats including malware, exploit kits, phishing attacks, and DDoS attacks.
“There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, small-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises,” Infoblox Vice President of Cybersecurity Rod Rasmussen said in a June 1 press release.
The report also found the U.S. is still the top host for newly created malware and accounts for 41 percent of malicious domain observations.