DomainTools Presents “Patterns of Malicious Infrastructure (Re)Use in Ukraine-Themed Domains” at mWISE Conference 2022
Internet Intelligence Experts to Share Insights on Patterns of High-Risk Domains Related to the Russian Invasion of Ukraine
DomainTools, the leader for Internet intelligence, announced that Aaron Gee-Clough and Tim Helming will be featured presenters at the mWISE Conference 2022 being held October 18-20, 2022, at the Washington Hilton in Washington, DC.
mWISE, the Mandiant Worldwide Information Security Exchange, expands upon the 11-year history of Mandiant Cyber Defense Summit. The inaugural, vendor-neutral conference will bring together the global cyber security community to convert knowledge into collective action in the united fight against persistent and ever-evolving cyber threats.
In the session, Gee-Clough, DomainTools senior data engineer and Helming, security evangelist, will demonstrate real-world examples of a domain bloom. “Domain Blooms” are a rise in domain registrations containing a specific word, followed by a gradual decline. In this case, they will be examining a bloom where the domains contain the word “Ukraine,” “Ukrainian,” and the Cyrillic version of “Ukraine.” This bloom corresponded with the Russian invasion of Ukraine. Their analysis shows an elevated risk level compared to the Internet as a whole, but perhaps more importantly, found “hotspots” of even more concentrated phishing, malware, and spam activity tied to certain features (IP address, name server, ASN, etc.).
Marketing Technology News: Swedish AdTech company, BrightBid taps into London’s Dynamic Start up Scene to Accelerate Growth
“By analyzing connections found in some of these values, we have identified other clusters of malicious infrastructure that extended beyond the Ukraine theme, pointing toward other campaigns centered on patterns such as cryptocurrency, spoofing of legitimate enterprises like technology companies, banks, gaming, and others,” explained Helming.
The work performed by DomainTools underscores the continuing value of infrastructure analysis as an approachable method for identifying and isolating harmful assets threatening protected environments.
Marketing Technology News: MarTech Interview with Etai Beck, CEO at Folloze