A new technique has been discovered being leveraged by Angler Exploit Kit in the wild. This technique, domain shadowing, involves using hacked registrant accounts to create subdomains. This is the next evolution in evasion techniques for hackers and takes advantage of the fact that most people don't log in to their accounts except to renew or make a change. This allows attackers to evade traditional blacklisting technologies easily increasing the attack window. The talk will discuss the scope and details of this new technique as well as cover both the potential detection challenges and solutions.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek