Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity

In a troubling trend for enterprises and law enforcement, threat actors are ramping up their use of blockchain domains to hide malicious activity and improve their ability to withstand takedown efforts. Security vendor FireEye says it has observed an uptick in interest in cryptocurrency infrastructure in the cyber underground over the last year.

Many different software families have been reconfigured to use blockchain domains for command and control infrastructure, according to FireEye. The main advantage for threat actors in using blockchain domains is that the domains they register are not subject to any central authority, such as the Internet Corporation for Assigned Names and Numbers (ICANN) or other third-party registrars.

Read more about how .bit domains are increasingly being used to hide payloads, stolen data, and command and control servers on DarkReading.
