web analytics

Dot .OM kingdom : Omani domains used in malware attacks!

ZFBot
Some dot .OM domains are being used for nefarious purposes.

Some dot .OM domains are being used for nefarious purposes.

If you felt safe with your dot .com, there is now a reason to double-check your destination domain for typos, every time you visit one.

Domain typo-squatters are using Omani domain names that end in dot .OM, to spread malware and to monetize traffic that spills over from the matching .com.

The Sultanate of Oman utilizes .OM ccTLD for its national presence on the Internet.

According to a very extensive research article by security company Endgame, dot .OM domain names can be registered for $269 per year, and many famous trademarks and brands are being squatted.

Some of these domains include YouTube.om, BankOfAmerica.om, Reddit.om, Yahoo.om, LinkedIn.om, Baidu.om and Gmail.om – you get the idea by now!

According to the article:

“We began our research of .om abuse by attempting to determine how many .om domains are associated with popular sites, who is registering these domains, and what is hosted at those sites.  

To do this, we went through the 5,000 most popular domains globally and attempted to resolve whether the brand had an associated <brand>.om or <brand>c.om.  

We discovered 334 domains that meet this criteria and are currently pointing to active sites.  There may be others that are registered, but are currently down or are in the process of being purchased.”

Caution: some of these domains are not considered safe and we would advise against visiting them for “testing” purposes. They might contain malware, viruses and trojans.

Here’s the WHOIS info for Netflix.om:

Domain Name:                     netflix.om
Last Modified:                   10-Mar-2016 07:15:19 UTC
Registrar Name:                  Oman Data Park LLC (ODP)
Status:                          ok

Registrant Contact ID:           O1000633
Registrant Contact Name:         Ahmed Al amri
Registrant Contact Email:        Visit portal.registry.om/whois for Web based WhoIs
Registrant Contact City:         Muscat
Registrant Contact Country:      om

Tech Contact ID:                 O1000633
Tech Contact Name:               Ahmed Al amri
Tech Contact Email:              Visit portal.registry.om/whois for Web based WhoIs
Tech Contact City:               Muscat
Tech Contact Country:            om

Name Server:                     ns10.dnsmadeeasy.com
Name Server:                     ns11.dnsmadeeasy.com
Name Server:                     ns12.dnsmadeeasy.com

The Endgame article, titled “What does Oman, the House of Cards, and Typosquatting Have in Common? The .om Domain and the Dangers of Typosquatting” can be read here.


Facebooktwitterredditpinterestlinkedinmail
Copyright © 2019 DomainGang.com · All Rights Reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available