Skip to navigation
Latest News

Blocking domain won't stop spam, Google warned

bad URL

By Nicole Kobie

Posted on 11 Jul 2011 at 10:14

Google's move to block malware by dumping ".co.cc" domains is a "short-term band-aid solution", according to one security firm.

Last week, Google blocked the entire .co.cc domain, saying its 11 million sites were predominantly malware and spam.

TrendMicro has warned that cyber criminals have already moved on from the .co.cc second-level domain (SLD), leaving real businesses on that address out of luck.

As a means to protect users, we do not think this is a good solution

"Based on our research and monitoring of malicious domains and cybercrime activity, we know for a fact that all major cybercriminals have already moved from .co.cc to other similarly abused SLDs like .rr.nu or .co.tv," said Martin Roesler, director of threat research, in a post on the TrendLabs blog, adding criminals frequently hop from one domain to another.

"As a means to protect users, we do not think this is a good solution," he said.

Instead of blocking an entire block of domains, Google could make a "real and lasting impact" by working more closely with registrars.

"For instance, Google’s massive visibility into the totality of search queries done worldwide can allow it to acquire enough evidence to influence and to put pressure on registrars to pull out SLDs that host malicious activities," he said.

"This is much more effective instead of simply restricting user access to an entire block since we know cybercriminals will just choose to jump SLDs (they are already doing so)," he added. "This also unjustifiably penalises those who are actually using the said SLD for legitimate purposes."

The .co.cc domain isn't a standard SLD, however. It is technically not an officially authorised SLD but a so-called freehost. A Korean firm owns the "co" part on the .cc domain - a top-level domain (TLD) for the Cocos Islands - and gives domain names away for free or very cheaply, making them ideal for spam and malware.

Top-level troubles

Roesler added that the problem is set to get worse, following the announcement by ICANN that TLDs will be opened up.

"The recent ICANN decision — to add a nearly unlimited number of new top-level domains — will make the problem even more complex in the very near future," he said.

"Add to this the fact that ICANN requires parties interested in becoming a TLD registrar to deposit a certain sum of money in order to get accredited," he added. "Knowing how the cybercriminal mind works, we are pretty sure this is practically an open invitation for cybercrime gangs to launder money while running a completely malicious TLD."

Is your business a social business? For helpful info and tips visit our hub.

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here
User comments

Hmmmm...

I think we will see the end of piracy before we see any dip in the level of spam from dodgy domains.

It is just sad fact that having an open interweb means people can do bad as easily [if not easier] than do good.

I think I would rather try and push treacle up a hill on a sunny day than be responsible for such matters.

By Anonymouse on 11 Jul 2011

@Anonymouse

I wouldn't want to do it for long, but would quite like to try pushing treacle uphill on a sunny day.

By tirons1 on 11 Jul 2011

@tirons1

You kinky devil :)

By chapelgarth on 11 Jul 2011

Leave a comment

You need to Login or Register to comment.

(optional)

advertisement

Latest Blog Posts Subscribe to our RSS Feeds
Latest ReviewsSubscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
Loading
WEB ID
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.