Beyond the malicious and phishing activity of the ActiveWeb lurks suspicious activity involving new domain registrations in the ProActiveWeb.
Domain Generation Algorithms (DGAs)
These algorithms are used in a variety of malware types to create a large number of domain names for communication with command and control (C&C or C2) servers. To achieve autonomous update capabilities, C&C server destinations are often hard-coded into the malware itself, which makes them easier for law enforcement and cybersecurity forces to find and shut down. DGAs instead create a large number of potential communication points and allow malware to reach out to any number of those points, at random, to request updates.
Over the last decade, Domain Generation Algorithms (DGAs) have become a popular tool for threat actors to deliver malware, because the technique is difficult for defenders to counter.
Domain Generation Algorithms (DGAs) are a key tool for threat actors. As DGAs become more sophisticated and increasingly difficult to detect, zvelo’s Cybersecurity Team recommends heightened awareness and shares what you need to know.