Tag: Whois data

ProPrivacy Open Data Project: Mapping Malicious Coronavirus Domains Using WHOIS Data

The COVID-19 pandemic has driven many people to do almost everything within the confines of their homes. Nearly exclusive reliance on digital means to work, study, shop, and communicate amid uncertainty opened many avenues for cybercrime to take place—notably through the use of coronavirus-related domain names.

To demonstrate this trend, ProPrivacy has partnered with WhoisXML API and VirusTotal to investigate the extent to which cybercriminals are weaponizing the Domain Name System (DNS) in an open data project called “COVID-19 Malicious Domain Research Hub.”

Cyber Threat Intelligence in Action: Malicious COVID Footprint Enrichment, Expansion, and Infrastructure Analysis

We have been monitoring COVID-19 cyber threats for several months now. More recently, we partnered with GeoGuard to enrich a dataset of coronavirus-themed URLs and IP addresses with WHOIS data and domain reputation scoring, followed by a passive DNS analysis to enlarge the malicious footprint under the study. The three sections in this post discuss the results of our research in greater depth.

How to Check Site Activity & Validity with Domain and IP Intelligence Tools

In an industry that grows more competitive every day, a seller’s reputation matters a lot. As personal selling is not possible online, e-commerce sites rely on several factors to establish consumer trust. Among them are reviews, which compensate for the lack of face-to-face transactions. In fact, 90% of consumers stated that positive reviews influence their purchasing decisions. Consistency in terms of the quality of one’s product and services also plays a crucial role in fostering trust.

But because digital commerce is cut-throat, online merchants sometimes resort to whatever it takes to maintain their share of the profits—even if they tarnish someone else’s reputation in the process. For instance, some sell replicas and pass them off as authentic items. They may also impersonate legitimate businesses on your site or manipulate product search results with blackhat marketing techniques. Finally, with the right exploit tools, some even manage to hijack someone else’s brand, starting with products and the target’s account.

This tutorial instructs users on performing vendor website assessments with enterprise-grade domain and IP intelligence solutions to prevent rogue sellers from abusing e-commerce platforms. But before we go on, let’s first deconstruct the reasons behind website audits.

How to Find Out Who Owns a Domain Name with Reverse WHOIS Search and WHOIS Database Download

In the past, there was no way for users to find out what other domains, if any, a particular registrant owns without first translating a domain name into an IP address. But with the shortage of available IPv4 addresses, which resulted in the assignment of shared IP addresses to unrelated individuals or even companies, that approach has become riddled with difficulties.

Even if you can pinpoint the owner of an IP address, a shared one would provide users with a list of domains that may take a lot of time to sift through. If that IP address turns up as an indicator of compromise (IoC) in a publicly accessible report, affected users would have to go through each related domain’s WHOIS records to get to the bottom of the issue. Imagine how long that would take if you had 30 domains or more to scrutinize.

Thankfully, domain intelligence providers like our company have streamlined this process with the introduction of tools like Reverse WHOIS Search and offerings such as WHOIS Database Download.

This post shows how users can find out who owns a domain name in five simple steps.

4 App Development Challenges a WHOIS Data Lookup API Can Help Address

About 90% of the time people spend on their mobile devices is app use. And with almost half of the world’s 7.7 billion population using their phones and tablets every day, the app development market is indeed a financially rewarding sector. In fact, experts predict the overall market’s revenue to reach $407 billion by 2026.

But like any other booming market, the app development sector has several hurdles to overcome. What immediately comes to mind is the challenge of creating an app with minimal bugs and glitches. Then, there is also the issue of marketability. How do you make sure it gets downloaded and used by the people you created it for?

A WHOIS data lookup API may be able to help. We specifically explored four app development challenges where WHOIS API can make a difference.

How to Trace a Privately Registered Domain’s Owner By Using a WHOIS History Lookup Tool

With a myriad of free tools readily available online, it’s not so difficult to find out if someone else already owns a domain you’re eyeing or if that domain is available for purchase or registration. But that’s where most tools stop. Sometimes, more details such as a domain’s ownership history, including current and past registrants’ names and contact details, are hidden since most domain owners opt for privacy protection.

How to Retrieve Domain WHOIS History Data After Redaction

WHOIS information is indispensable for any cybersecurity researcher. It is an essential resource for tracking down registration owners for a variety of reasons that range from settling trademark and cybersquatting disputes to configuring websites. With WHOIS records, a security analyst or website administrator can quickly get in touch with a registrant owner to resolve or file a dispute, transfer a domain with ease, or set up a valid Secure Sockets Layer (SSL) certificate.

Leveraging Cyber Threat Intelligence: Must-Dos for Companies To Prevent Phishing and Other Attacks

While phishing is considered one of the oldest threats in any cyber attacker’s arsenal, it still manages to work. The targeted organization or individual, social engineering bait, and the manner in which information gets stolen or malware is delivered may change. Still, the motivation often remains the same: to take someone’s details or even identity.

In many phishing scams, cybercriminals opt to create a fake company pretending to offer services that may be hard for users to resist. Such is the case of two confirmed phishing domains we analyze throughout this piece—technoarubacloud[.]com and teichdata[.]at. Any visitor lured to avail themselves of these two fake suppliers’ offerings is likely to be tricked into handing over personally identifiable information (PII) to the criminals behind the bogus sites.