Threat actors often ride on the latest news and current events to lure users to their specially crafted malicious websites. We’ve seen that happen with the onset of the COVID-19 pandemic [1] and the birth of the Black Lives Matter movement [2].
We may see that happen again given the hype surrounding Elon Musk’s recent purchase of Twitter [3].
Our deep dive into the matter revealed:
- A smattering of domain and subdomain registrations containing the string combination “elon + musk + twitter” in the past two weeks or so
- More than 20,000 domains and subdomains containing the string combination “elon + musk” and the string “twitter” registered to date
- Around 150 domains and subdomains possibly connected to the current event have already been dubbed “malicious” by various malware engines
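A defender can apply the same kind of string-combination matching to a feed of newly observed hostnames. The sketch below is an added example, not the researchers' own tooling: the bucket names, the allowlist, and the sample feed are assumptions constructed for illustration.

```python
import re

# Legitimate zone to exclude from triage (assumption for this example; extend as needed).
ALLOWLIST = ("twitter.com",)

def classify(fqdn: str) -> str:
    """Bucket a hostname by which of the page's keyword combinations it contains."""
    host = fqdn.strip().lower().rstrip(".")
    # Match the allowlisted zone only at the END of the name, so a lookalike
    # such as "twitter.com.cdn.example" is not mistaken for the real zone.
    if any(host == z or host.endswith("." + z) for z in ALLOWLIST):
        return "allowlisted"
    # Drop dots and hyphens so "elon-musk.twitter" matches like "elonmusktwitter".
    # Substring matching over-matches on purpose (e.g. "melon" contains "elon"):
    # hits are candidates for review, not verdicts.
    squashed = re.sub(r"[^a-z0-9]", "", host)
    has_name = "elon" in squashed and "musk" in squashed
    has_twitter = "twitter" in squashed
    if has_name and has_twitter:
        return "elon+musk+twitter"
    if has_name:
        return "elon+musk"
    if has_twitter:
        return "twitter"
    return "no-match"

def triage(feed):
    """Group hostnames from a feed into buckets keyed by classification."""
    buckets = {}
    for fqdn in feed:
        buckets.setdefault(classify(fqdn), []).append(fqdn)
    return buckets

# Constructed sample feed (not real observations), using the reserved .example TLD.
SAMPLE_FEED = [
    "elonmusk-twitter.example",
    "twitter.elon-musk.example",
    "elon-musk-fans.example",
    "twitter-news.example",
    "api.twitter.com",
    "twitter.com.cdn.example",
    "news.example",
]

if __name__ == "__main__":
    for bucket, names in triage(SAMPLE_FEED).items():
        print(f"{bucket}: {names}")
```

The buckets are a review queue: names in them still need reputation or content checks before being treated as malicious.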
Download a sample of the threat research materials now, or contact us to access the complete research materials.
—
- [1] https://circleid.com/posts/20210503-covid-19-bulk-domain-registrations-possible-case-of-dns-abuse/
- [2] https://circleid.com/posts/20200614-hundreds-of-george-floyd-black-lives-matter-domains-appear-in-dns
- [3] https://www.theverge.com/2022/4/25/23028323/elon-musk-twitter-offer-buyout-hostile-takeover-ownership