TMCnet News
DomainTools Presents "Patterns of Malicious Infrastructure (Re)Use in Ukraine-Themed Domains" at mWISE Conference 2022SEATTLE, Sept. 28, 2022 (GLOBE NEWSWIRE) -- DomainTools, the leader for Internet intelligence, today announced that Aaron Gee-Clough and Tim Helming will be featured presenters at the mWISE Conference 2022 being held October 18-20, 2022, at the Washington Hilton in Washington, DC. mWISE, the Mandiant Worldwide Information Security Exchange, expands upon the 11-year history of Mandiant Cyber Defense Summit. The inaugural, vendor-neutral conference will bring together the global cyber security community to convert knowledge into collective action in the united fight against persistent and ever-evolving cyber threats. In the session, Gee-Clough, DomainTools senior data engineer and Helming, security evangelist, will demonstrate real-world examples of a domain bloom. “Domain Blooms” are a rise in domain registrations containing a specific word, followed by a gradual decline. In this case, they will be examining a bloom where the domains contain the word "Ukraine," “Ukrainian,” and the Cyrillic version of “Ukraine.” This bloom corresponded with the Russian invasion of Ukraine. Their analysis shows an elevated risk level compared to the Internet as a whole, but perhaps more importantly, found "hotspots" of even more concentrated phishing, malware, and spam activity tied to certain features (IP address, name server, ASN, etc.). “By analyzing connections found in some o these values, we have identified other clusters of malicious infrastructure that extended beyond the Ukraine theme, pointing toward other campaigns centered on patterns such as cryptocurrency, spoofing of legitimate enterprises like technology companies, banks, gaming, and others,” explained Helming. The work performed by DomainTools underscores the continuing value of infrastructure analysis as an approachable method for identifying and isolating harmful assets threatening protected environments. “Patterns of Malicious Infrastructure (Re)Use in Ukraine-Themed Domains” will take place at 11:45am PT on Wednesday, October 19. For the full agenda, visit https://mwise.mandiant.com/event/d4bc98ec-f502-4acc-afc7-d9e9b960bb18/websitePage:a325af6e-7b84-43b6-bd10-ddf565509e0f About DomainTools Media Contact: Paula Brici Eskenzi PR +1 949 677 6527 [email protected] |