Google decides to ban all .co.cc domains as a result of mass abuse. The entire .co.cc sites were blocked citing its difficult in preventing abuse as it could pose a threat in the long run.
The .co/.cc domains offered second-level domain (SLD) or sub-domains that doubled as ?freehost.? Thousands register with these sub-domains and use it to distribute malware and fake anti-virus products on the web.
Google decided to deindex the entire .co.cc second-level domain (SLD) early this month due to the number of malicious web sites registered under that name space. Regular .cc websites will not be affected by Google’s changes.
How they work
The .co/.cc registry is run by a Korean company and contains over 11.3 million domain names. The registry allowed bulk registrations of up to 15,000 domain names at a time for a mere $1,000. The low price and flexibility made .co/.cc domains a Harlem for cyber-criminals, especially to that ran fake antivirus schemes.
In the second half of 2010, .cc registry reported 4, 963 phising attacks. The company also claims to have 11,383,736 registered domains and 5,731,278 user accounts, making it one of the largest domain extensions in the world.
However, SLDs are the not the only one available to scammers. According to security researchers from Trend Micro, co.tv, wo.tc, dlinkdns.com, cz.cc and other similar services also rank high in the statistics. Martin Roesler, director for Threat Research, said major cyber criminals might have already moved from .co and .cc to other abused second-level domains.
Google?s approach is likely to be more problematic in future. ICANN has given permission to expand domain name system with arbitrary top-level domains (TLDs), beginning in 2012. This will significantly increase the number of options for cyber-criminals and will make ban enforcement much harder.
Strategic blocking methods
Security experts believe that the best way to tackle this is to work with TLD registry operators to put pressure on SLD owners to keep their domains clean. If the .cc registry operator suspends all .co.cc web sites and prevent them from working, then such a measure would prevent cyber-criminals from abusing than Google?s ban.
Roesler? said, “The only real and practical solution for users is multilayered protection, a combination of email, Web and file reputation technologies that correlate malicious components?much like the Smart Protection Network, which also allows users to take advantage of and contribute to a worldwide ?neighborhood watch.”
Source: Inquirer, gmanews