Ownerless web domains rigged to redirect visitors to dangerous addresses

Lapsed URLs used to infect victims with various malware strains

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Fraudsters are using lapsed web domains to redirect visitors to dangerous URLs, designed to spreadadwareand other forms of malicious content.

According to security firm Kaspersky, around 1,000 inactive domains are rigged to redirect users to blacklisted pages, some of which are capable of triggeringmalwaredownloads.

Cybercriminals used these thousand domains to route users to over 2,500 unrelated URLs, 89% of which were designed to generate advertising profits (malvertising campaigns) and 11% either contained malicious code or prompted the visitor to download infected documents and executables.

Dangerous web domains

If a company or individual decides not to renew their ownership of a web domain, the URL traditionally redirects visitors to an auction stub notifying them of its availability.

However, in some instances, hackers have found a way to replace the auction stub with a dangerous redirect mechanism. Kaspersky believes scams of this kind are likely made possible by flaws in ad filtering systems.

Researchers found one of the malicious pages identified received an average of 600 redirects every ten days, with hackers likely receiving payment based on the number of visitors funneled to the site.

“Unfortunately, there is little users can do to avoid being redirected to a malicious page. The domains that have these redirects were - at one point - legitimate resources…and there is no way of knowing whether or not they are now transferring visitors to pages that download malware,” explained Dmitry Kondratyev, Junior Malware Analyst at Kaspersky.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“In general, malvertising schemes like these are complex, making them difficult to fully uncover, so your best defense is to have a comprehensive security solution on your device.”

Beyond installing high-qualityantivirus software, Kaspersky also noted users can minimize the risk of infection by installing applications and updates from trusted sources only.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Australian Beach Volleyball Tour live stream: How to watch bronze and gold medal matches online for free, finals, start time