Home / Blogs

Compromised Portfolios of Legitimate Domain Names for Sale

  • Oct 24, 2008 10:33 AM PDT
  • Comments: 0
  • Views: 3,812
Print Comment
By Dancho Danchev
Dancho Danchev

Is the demand for access to compromised legitimate portfolios of domain names — where the price is based on the pagerank and is shaped by the number of domains in question — the main growth factor for the increasing supply of such stolen accounting data? Or is it the result of cybercriminals data mining their botnets for accounting data that would provide them with access to such portfolios of high trafficked domains with clean reputation? Moreover, would such a data mining approach made easily possible due to the availability of botnet parsing services and stolen accounting data dumps streaming directly from a botnet? And would this in fact be a more efficient approach in injecting their malicious presence on as many hosts as possible — next to the plain simple massive SQL injection approach?

As always, it's a matter of who you're dealing with, and their understanding of the exclusiveness of a particular underground item at a given period of time. This exclusiveness is inevitably going to increase due to the fact that there are several "vendors" that are already purchasing access to such portfolios, as well as compromised Cpanel accounts as a core business. They would later resell the access at a higher price, enjoying the underground market's lack of transparency, or directly monetize and break-even immediately. As for this particular proposition for an account with 404 domains in it, it's interesting to monitor how the seller is soliciting bids from multiple sources by leaving the price an open topic, clearly indicating his low profile into the underground ecosystem. How come? An experienced seller or buyer would be offering or requesting pagerank verification respectively.

With nearly each and every aspect of cybercrime already available as a service, or literally outsourced as a process to those supposedly excelling into a particular practice, building capabilities for data mining botnets are no longer a requirement. People behind the botnets monetize all the data coming from it by soliciting deals of accounting data dumps based on a particular country.

By Dancho Danchev, Independent Security Consultant. Visit the blog maintained by Dancho Danchev here.

Related topics: Domain Names, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

How to Stop the Spread of Malware? A Call for Action

  • May 20, 2013
  • Comments: 1

ICANN at the Inflection Point: Implications and Effects Of the GAC Beijing Communique

  • May 13, 2013
  • Comments: 1

What New gTLD Applicants Need Is a Quick, Lightweight Answer to the World's Governments. Here It Is.

  • May 10, 2013
  • Comments: 1

Government Hacking: Proposed Law in the Netherlands

  • May 08, 2013
  • Comments: 0

Bypassing Geo-Locked BYOD Applications

  • May 07, 2013
  • Comments: 0
View More

Related News

Hundreds of Syrian Domains Seized As a Result of Trade Sanctions

  • May 09, 2013
  • Comments: 0

Arrest Made in Connection to Spamhaus DDoS Case

  • Apr 29, 2013
  • Comments: 0

Massive Spam and Malware Campaign Following Boston Tragedy

  • Apr 17, 2013
  • Comments: 0

China and the United States Agree on Forming Joint Cybersecurity Working Group

  • Apr 15, 2013
  • Comments: 0

SPECIAL: Updates from the ICANN Meetings in Beijing

  • Apr 12, 2013
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNS SecurityRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

.IN.NET - New Internet Address for India, Launching June 17th

Radix Registry Passes 4 New gTLD Initial Evaluations

DomainsBot to Help Professionals Find .PRO Internet Addresses More Easily

INTA 2013: Gearing Up for Dallas

Hope is Not a Strategy: Neustar Releases 2012 Annual DDoS Attack and Impact Survey

.PW Crosses 50,000 Domain Registrations in 3 Weeks

  • By .PW
  • Views: 2,854

The Ratings Are In: Measuring .ORG's Trust and Success in Numbers

  • By PIR
  • Views: 2,647

How Neustar Technology Can Help Mitigate DDoS Attacks

dot Brand or dot What? Consumers Unaware of New TLDs, Including .Google, .Microsoft and .Nike

Zodiac Prepares for Chinese New gTLDs, Announces "Chinese Advisory Services" for New gTLD Applicants

.PW General Availability Opens With More Than 4000 Orders in 30 Minutes

  • By .PW
  • Views: 3,123

CentralNic Powers First New Top-Level Domains Announced by ICANN

Invitation to a Seminar on "A New Beginning - Domain Name Market in China"

LogicBoxes Announces Vertical Integration Solutions for New gTLDs

.PW Registry Extends Landrush Till March 22, 2013

  • By .PW
  • Views: 3,142

DCA Registry Services Participates in ICANN Africa Strategy Meeting, Addis Ababa

Network Solutions & Register.com, Web.com, become 100th and 101st Accredited Registrars for .PW

  • By .PW
  • Views: 3,051

gTLD Update: No TLDH or Client Strings Affected

Public Interest Registry Releases Report Revealing Continued Growth of the .ORG Domain

  • By PIR
  • Views: 2,981

.PW Landrush Goes Live

  • By .PW
  • Views: 3,105
View More

Sponsored Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Neustar

DNS

Sponsored by
Neustar
dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNS Security

Sponsored by
Afilias
View All Topics