Subscribe to RSS Feed

12|04|2009 12:50 pm EDT

McAfee calls .CM “Most Dangerous Country Domain”

by Frank Michlick in Categories: ccTLDs

Tags: , , , , , , , , , , , , ,

By Incurable Hippie (Flickr)

By Incurable Hippie (Flickr)

With some of the recent sales of .CM (Cameroon) domains at various domain auctions, we  asked what those domains were actually worth. Well, it seems their resale value just took another drop, as McAfee called .CM the “Most Dangerous Country Domain” in their latest “2009 Mapping the Mal Web” report. .CM replaces .HK (HongKong) from this spot and .JP (Japan) is considered the world’s safest ccTLD and .GOV the safest non-country TLD.

“This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer,” said Mike Gallagher, chief technology officer for McAfee Labs. “Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught.”

Cameroon, a small African country that borders Nigeria, jumped to the number one spot this year with 36.7 percent of the .cm domain posing a security risk, but did not even make the list last year. Because the domain .cm is a common typo for .com, many cybercriminals set up fake typo-squatting sites that lead to malicious downloads, spyware, adware and other potentially unwanted programs.

More details can be found in McAfee’s report summary.

06|04|2008 01:28 pm EDT

McAfee Identifies The “Mal-web” In Domain Names

by Adam Strong in Categories: ccTLDs

Tags: , , , , , , ,

Anti-virus software maker McAfee released their second “Mapping the Mal Web” (PDF) report today. The McAfee report attempts to map and identify the specific domain names where malicious websites reside. This is the second year for the report. In the 2007 report, the .tk extension was reported to have the highest number of malicious websites with over . This year Hong Kong domain name extension .hk takes away the title with 19.2% , followed closely by China’s .cn with 11.8%.  Within the generic domain name extensions (gTLDs) .info ranked in with 11.7% of all sites ending in .info posing a security threat. The second rank in gTLDs went to .net with 6%. The report claims that a little under 5% of .com domain names were found to be risky. McAfee also identified the domains with the least amount of risk reside in the .gov, .jp and .au extensions.
The newest report specifically points to .hk and .cn domain names as having a substantially higher percentage of malicious websites. In the 2007 report, McAfee had not pointed to those extensions as having such high percentages.

Shane Keats, research analyst for McAfee and lead author of the report, said the increase in dangerous sites registered under the “.hk” and “.cn” domains over last year’s report was caused in part by better data collection on McAfee’s part on those domains and by apparent security lapses in some registrar companies’ processes for registering addresses.

The 2007 report claimed the .tk extension to have one of the highest percentages (10.1%). After the McAfee report was released, Dot TK, operators of the registry for Tokelau, implemented changes geared toward the reduction of these malicious sites. The .tk extension dropped considerably to #28 this year. Dot TK faced a 10% decline in registrations and a backlash from adveritsers running ads on .tk landing pages. The domain business reportedly accounts for a “double digit” percentage of the GDP of Tokelau. One could assume that the reduction in domain registrations that .tk felt will now be seen at the .hk, .cn and .info domain registries. This news should come as a wake up call to these operators.

The high percentage of malicious sites found on the .info extension may also be read as another “nail in the coffin” for the gTLD. The McAfee report follows on the heels of the news earlier last week that Google was dropping .info domains from search listings. All of this bad news can’t be sitting well for the .info registry or anyone heavily invested in .info domain names.