How the SVB and Credit Suisse Crash Was Reflected in the DNS | WhoisXML API

Threat Reports

How the SVB and Credit Suisse Crash Was Reflected in the DNS

Domain registrations and subdomain additions often tend to be linked to noteworthy events, such as the recent collapses of the Silicon Valley Bank (SVB), Credit Suisse, Silvergate Capital Corp., Signature Bank, and the First Republic Bank.1, 2

Just as threat actors found ways to weaponize pandemic-related domains and subdomains, they could do the same with bank collapse-connected web properties. Our recent foray into the DNS in search of trends helped us to obtain:

  • 1,200+ domains containing the strings siliconvalleybank, creditsuisse, silvergatecapital, signaturebank, and firstrepublicbank, 20 of which turned out to be malicious
  • 3,900+ subdomains containing the strings siliconvalleybank, creditsuisse, silvergatecapital, signaturebank, and firstrepublicbank, three of which turned out to be malware hosts
  • 30+ domains and one subdomain containing the string bankcollapse
  • 270+ domains and 420 subdomains containing the string bankalert, 21 and 12 of which, respectively, turned out to be malicious
  • 120+ domains and 190+ subdomains containing the string bankupdate, eight and 23 of which, respectively, turned out to be malware hosts

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1] https://www.theguardian.com/commentisfree/2023/mar/21/bankers-collapse-svb-credit-suisse
  • [2] https://www.dnaindia.com/explainer/report-explained-after-4-us-banks-collapse-within-11-daysknow-reason-behind-financial-turmoil-in-us-banking-industy-3031219
Try our WhoisXML API for free
Get started