In a troubling trend for enterprises and law enforcement, threat actors are ramping up their use of blockchain domains to hide malicious activity and improve their ability to withstand takedown efforts. Security vendor FireEye says it has observed a recent uptick in interest in cryptocurrency infrastructure in the cyber underground over the last year.
Many different software families have been reconfigured to use blockchain domains for command and control infrastructure, according to FireEye. The main advantage for threat actors in using blockchain domains is that the domains they register have no central authority — such as Internet Corporation for Assigned Names and Numbers (ICANN) or other third-party registrars.
Read more about how .bit domains are increasingly being used to hide payloads, stolen data, and command and control servers on DarkReading.