Summary:
Our analysis of nearly 22 million newly registered domains (NRDs) from July to September 2024 reveals a 2.05% increase in NRDs compared to the previous quarter. The report highlights trends in domain registrations, including the popularity of specific top-level domains (TLDs), leading registrars, and insights into malicious domains tagged as indicators of compromise (IoCs).
Keypoints:
- 22 million domains analyzed from July to September 2024.
- 2.05% increase in NRDs compared to Q2 2024.
- gTLD registrations declined by 0.63%, while ccTLD registrations rose by 11.24%.
- .com remains the most popular gTLD, with .cn leading among ccTLDs.
- GoDaddy is the top NRD registrar with 16.31% market share.
- Amazon Technologies accounted for 4.15% of NS resolutions in the past year.
- 17.29% of malicious domains tagged as IoCs were .com domains.
- Other gTLDs in the top 10 for IoCs include .org, .net, and .biz.
- ccTLDs .ru and .cn also appeared in the top 10 IoCs.
MITRE Techniques
- Command and Control (T1071): Utilizes multiple command and control domains to maintain communication with compromised systems.
IoC:
- [domain] .com
- [domain] .org
- [domain] .net
- [domain] .biz
- [domain] .info
- [domain] .bazar
- [domain] .life
- [domain] .tickets
- [domain] .ru
- [domain] .cn
Full Research: https://circleid.com/posts/global-domain-activity-trends-seen-in-q3-2024