
FBI Shares Details of 42,000 LabHost Phishing Domains

 

The FBI has disclosed 42,000 phishing domains associated with LabHost, one of the biggest worldwide phishing-as-a-service (PhaaS) platforms, which was shut down in April 2024. The published domains, which were registered between November 2021 and April 2024, when they were seized, are being shared to raise awareness and provide indicators of compromise.

Operations and removal of LabHost 

LabHost was a significant PhaaS platform that sold access to a large number of phishing kits aimed at US and Canadian banks for $179 to $300 per month. It featured numerous customisation options, innovative 2FA bypass mechanisms, automatic SMS-based interactions with victims, and a real-time campaign management panel. Although it launched in 2021, LabHost became a major player in the PhaaS market only in late 2023/early 2024, surpassing established competitors in popularity and attack volume.

It is estimated that LabHost stole over 1,000,000 user credentials and over 500,000 credit card details. In April 2024, a global law enforcement campaign supported by investigations in 19 nations resulted in the shutdown of the platform, which had 10,000 customers at the time. 

During the simultaneous searches of 70 residences, 37 people suspected of having links to LabHost were arrested. Although the LabHost operation is no longer active, and the shared 42,000 domains are unlikely to be used in malicious operations, the information remains valuable to cybersecurity firms and defenders. First, the domain list can be used to generate a blocklist, reducing the likelihood of attackers recycling or re-registering any of them in future attacks. 

The list can also be used by security teams to search logs from November 2021 to April 2024 in order to detect earlier connections to these domains and find previously unknown breaches. Finally, the list can assist cybersecurity experts in analysing domain patterns in PhaaS systems, improving attribution and intelligence correlation, and providing realistic data for phishing detection model training. The list is shared with the warning that it has not been vetted and may contain errors. 

"FBI has not validated every domain name, and the list may contain typographical or similar errors from LabHost user input," notes the FBI. "The information is historical in nature, and the domains may not currently be malicious." The FBI also noted that investigation of this list may show additional domains tied to the same infrastructure, therefore the list may not be exhaustive.
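The retrospective log search described above can be sketched as follows. This is an added example, not code from the FBI or the original post; the log format (`timestamp client queried-name`), the sample domains on reserved TLDs, and the exact window end date of 30 April 2024 are assumptions. Because the list is unvetted, malformed entries are set aside for manual review instead of being silently matched or dropped.

```python
import re
from datetime import date, datetime
# Assumed bounds for "November 2021 to April 2024" (the exact days are an assumption).
WINDOW_START, WINDOW_END = date(2021, 11, 1), date(2024, 4, 30)
_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"
_DOMAIN_RE = re.compile(rf"^{_LABEL}(\.{_LABEL})+$")

# Constructed sample data on reserved TLDs; none of these are real LabHost domains.
SAMPLE_LIST = ["secure-login-bank.example", "Pay-Update.TEST.", "bad domain.example", "# note", ""]
SAMPLE_LOG = [
    "2023-12-02T10:15:00 10.0.0.5 www.secure-login-bank.example",   # subdomain hit
    "2024-06-01T09:00:00 10.0.0.7 pay-update.test",                 # outside the window
    "2022-03-14T08:30:00 10.0.0.9 notsecure-login-bank.example",    # substring only, no hit
    "2022-05-01T12:00:00 10.0.0.9 pay-update.test.",                # trailing dot, hit
    "garbage line",                                                 # unparsable, skipped
]

def load_domains(lines):
    """Normalise list entries; return (valid_set, rejected_entries_for_review)."""
    valid, rejected = set(), []
    for raw in lines:
        d = raw.strip().lower().rstrip(".")
        if len(d) <= 253 and _DOMAIN_RE.match(d):
            valid.add(d)
        elif d and not d.startswith("#"):
            rejected.append(raw.strip())
    return valid, rejected

def matched_domain(qname, domains):
    """Return the listed domain that qname equals or is a subdomain of, else None."""
    labels = qname.lower().rstrip(".").split(".")
    # Compare on label boundaries only, so "notbank.example" never matches "bank.example".
    candidates = (".".join(labels[i:]) for i in range(len(labels) - 1))
    return next((c for c in candidates if c in domains), None)

def hunt(log_lines, domains):
    """Return (timestamp, client, qname, listed_domain) for hits inside the window."""
    hits = []
    for line in log_lines:
        parts = line.split()
        try:
            ts, client, qname = datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except (ValueError, IndexError):
            continue
        hit = matched_domain(qname, domains) if WINDOW_START <= ts.date() <= WINDOW_END else None
        if hit:
            hits.append((ts, client, qname, hit))
    return hits
```

The same normalised set can feed a DNS or proxy blocklist; the rejected entries are the ones worth a manual look for the typographical errors the FBI warns about.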

Google Introduces .ing Web Domains at a Hefty Cost

 

Google has announced that the .ing web domain is now available for users who want to spice up their URL.

There are numerous approaches to creating a good website. Quality design, engaging content, and responsive customer service are all important factors to consider when developing an online presence.

However, your chosen web domain may have an impact, and Google has just made things a little more intriguing for those looking to make an effective first impression. 

“There's a new domain launching today that lets you build your website in a single word: .ing. This top-level domain is ready for whatever you're interested in, whether it’s mak.ing a fun website, giv.ing to a good cause, design.ing something beautiful, or edit.ing an existing document,” Google announced in a blogpost. 

Users have been able to use .ing web domains for website building since October 31st; however, early access to a URL requires payment of an additional fee.

On the other hand, public access will be made available on December 5th, allowing anyone to start developing a website for the standard base price.

Who is making use of the new web domain? 

Some businesses were willing to pay the extra fee to get their .ing web domain up and running as soon as possible. Here are a few websites with the new URL that you can visit right now:

Canvas - The popular web design platform has purchased the web domains design.ing and draw.ing for their respective tools.

Adobe Acrobat - This platform makes it simple to edit and sign PDFs, especially with the new, easy-to-access web domains. 

Giving Tuesday - Hopefully you guessed this one, with the popular charity organisation snagging the domain giv.ing for its website.

If you want to join the ranks of these .ing businesses, you should have a sizable budget because these new .ing web domains are not cheap. The Verge investigated and discovered that URLs featuring common words such as buy.ing can cost up to $129,999.99 per year to register.

Freenom Suspends Domain Registrations After Being Sued by Meta

 

Freenom, a domain name registrar that has attracted spammers and phishers with its free domain names, no longer accepts new domain name registrations. The action was taken just days after Meta filed a lawsuit against the Netherlands-based registrar, alleging that it ignored abuse reports concerning phishing websites while generating revenue from visitors to such abusive domains, according to Brian Krebs.

Five so-called "country code top level domains" (ccTLDs) are managed by Freenom, including .cf for the Central African Republic, .ga for Gabon, .gq for Equatorial Guinea, .ml for Mali, and .tk for Tokelau.

Freenom has never charged for the registration of domains in these country-code extensions, likely to entice consumers to pay for services that are related to them, such as registering a .com or .net domain, for which Freenom does charge a fee.

Social media giant Meta filed a lawsuit against Freenom in Northern California on March 3, 2023, citing trademark infringement and cybersquatting violations. The lawsuit also demands information on the names of 20 separate "John Does", Freenom customers that Meta says have been particularly active in phishing attacks against Facebook, Instagram, and WhatsApp users.

The lawsuit makes reference to a 2021 study on domain abuse done for the European Commission, which found that those ccTLDs run by Freenom comprised five of the Top Ten TLDs most frequently utilised by phishers. 

According to Brian Krebs, the complaint asserts that the five ccTLDs to which Freenom offers its services are the TLDs of choice for cybercriminals because Freenom offers cost-free domain name registration services and hides the identities of its customers even after being shown proof that the domain names are being used for unlawful purposes. Freenom keeps granting those same clients additional infringing domain names even after receiving complaints about infringement or phishing by them.

Meta further claims that "Freenom has repeatedly failed to take appropriate steps to investigate and respond appropriately to reports of abuse," and that it monetizes traffic from infringing domains by reselling them and by including "parking pages" that direct visitors to other commercial websites, pornographic websites, and websites used for malicious activities like phishing. 

Freenom has not yet responded to requests for comment. However, at the time of writing, attempts to register a domain via the business's website resulted in the following error message:

“Because of technical issues the Freenom application for new registrations is temporarily out-of-order. Please accept our apologies for the inconvenience. We are working on a solution and hope to resume operations shortly. Thank you for your understanding.” 

Freenom has its headquarters in The Netherlands, but the case also names a few of its other sister firms as defendants, some of which are established in the US. When Meta first filed this action in December 2022, it requested that the case be sealed in order to limit the public's access to court records related to the case. Following the denial of that request, Meta modified and re-filed the case last week. 

According to Meta, this isn't just an instance of another domain name registrar ignoring abuse concerns because it's bad for business. According to the lawsuit, Freenom's proprietors "are a part of a web of businesses established to promote cybersquatting, all for the advantage of Freenom." 

“On information and belief, one or more of the ccTLD Service Providers, ID Shield, Yoursafe, Freedom Registry, Fintag, Cervesia, VTL, Joost Zuurbier Management Services B.V., and Doe Defendants were created to hide assets, ensure unlawful activity including cybersquatting and phishing goes undetected, and to further the goals of Freenom,” Meta claimed. 

Krebs further explained that although the reason for Freenom's decision to stop offering domain registration is not yet known, it's possible that the company has recently been the target of disciplinary action by the nonprofit Internet Corporation for Assigned Names and Numbers (ICANN), which regulates domain registrars.

In June 2015, ICANN put a 90-day hold on Freenom's ability to register new domain names or start inbound transfers of existing ones. ICANN's conclusion that Freenom "has engaged in a pattern and practise of trafficking in or use of domain names identical or confusingly similar to a trademark or service mark of a third party in which the Registered Name Holder has no rights or legitimate interest" is the basis for the suspension, according to Meta.