Dissecting 1M+ Malicious Domains Under the DNS Lens
As domain names continue to serve as threat actors’ primary initial access vehicles, WhoisXML API researchers analyzed over 1 million malicious domains listed by Threat Intelligence Data Feed (TIDF) on 13 April 2023. Through our analysis, we:
- Determined the distribution of the domains by threat type—phishing, malware distribution, spam, and other cyber attacks
- Looked at their TLD distribution
- Discovered the top registrars and ISPs that had control over them
- Determined the locations of their IP resolutions and registrations
- Analyzed the presence of cybersquatting domains imitating some of the most impersonated brands.
Download a sample of the threat research materials now or contact us to access the complete set of research materials.