Exploit Kits Power a Rise in Creation of Malicious Domains

1 - Exploit Kits Power a Rise in Creation of Malicious Domains
2 - First DNS Threat Index Authored Solely by Infoblox
3 - DNS Threat Index Is Only a Representative Sampling
4 - DNS Threat Index Up by 49% Year Over Year
5 - U.S. Represents 72% of Malicious Domains
6 - Germany Also a Key Geography for Malicious Domains
7 - Exploit Kits Driving Malicious Domain Growth
8 - RIG Rises but Not for Long
1 of 8

Exploit Kits Power a Rise in Creation of Malicious Domains

The 4Q15 Infoblox DNS Threat Index shows a dramatic increase in malicious domains, powered in part by exploit kits.

2 of 8

First DNS Threat Index Authored Solely by Infoblox

While the DNS Threat Index was first released in July 2015, in the past it was a joint effort of Infoblox with threat intelligence vendor IID. In February of this year, Infoblox acquired IID for $45 million in cash.

3 of 8

DNS Threat Index Is Only a Representative Sampling

It's important to note that Infoblox's methodology is not a comprehensive list of all domains on the Internet, but rather is based on a representative sampling.

4 of 8

DNS Threat Index Up by 49% Year Over Year

The key trend identified by the report is that malicious domain creation grew in 2015 at a somewhat uneven rate. The fourth quarter saw a 5 percent gain over the third quarter but a 49 percent gain over the fourth quarter of 2014.

5 of 8

U.S. Represents 72% of Malicious Domains

While anyone anywhere in the world can potentially create and host a malicious domain, Infoblox found that 72 percent of malicious domains with a knowable country of origin were hosted in the U.S.

6 of 8

Germany Also a Key Geography for Malicious Domains

The Q4 DNS Threat Index reported that Germany came in second in terms of malicious domain geography, at 19.7 percent. Other countries had small representation, with Turkey at 1.8 percent, Ireland at 1.79 percent, Switzerland at 1.27 percent and the United Kingdom at 1.14 percent.

7 of 8

Exploit Kits Driving Malicious Domain Growth

A key consumer of malicious domains are exploit kits, which provide easy-to-use toolkits that enable attacks to exploit users. In the fourth quarter of 2015, Infoblox reported that the Angler exploit kit represented 56 percent of observed exploit kit activity.

8 of 8

RIG Rises but Not for Long

During the fourth quarter, Infoblox found a surge in the use of the RIG exploit kit, pushing it into second place ahead of Magnitude. RIG's surge is likely short-lived, though, thanks to actions taken in early 2016 by Cisco to disrupt the exploit kit's operations.

Top White Papers and Webcasts