Behind the Bylines of Fake News and Disinformation Pages | WhoisXML API

Threat Reports

Behind the Bylines of Fake News and Disinformation Pages

Fake news and disinformation campaigns pose real risks to nations worldwide as evidenced by research done by Statista.1 Their peddlers’ motivation? Political and financial gain, according to some opinions.2

In an effort to provide U.S. law enforcement agencies with actionable intelligence, WhoisXML API threat researcher Dancho Danchev scoured the Web for as many potentially connected digital properties as possible.

Our deep dive into the threat revealed:

  • 1,329 domains that have been publicized as indicators of compromise (IoCs) that led to the discovery of close to 50 personal email addresses that were used to register them
  • Nearly 35,000 domains that could potentially be tied to ongoing fake news and disinformation campaigns given that they share registrant email addresses or IP addresses with the domain IoCs, hundreds of which were dubbed “malware hosts”
  • More than 2,000 unique IP addresses to which the domain IoCs resolved, almost 20 of which were found malicious

Download a sample of the threat research materials now or contact us for accessing the complete research materials.

  • [1]
  • [2]
Try our WhoisXML API for free
Get started