Hacker News
.zip top level domains being used in cyber attacks (ghacks.net)
26 points by yujian on May 16, 2023 | 20 comments




Years ago .info had the reputation of being only used by scammers/phishers. I knew several small mail service providers that just blocked *.info by default since the majority of delegations were not legitimate. Every new TLD suffers from this at first as there is a land rush by criminals.

I think people are more worried about TLDs like .zip (and .app) since they look familiar to normal users and they routinely click on those and don't think about them being a valid URL now.


Not just .info.

Because of that, as unfair as it is, to this day when I see one of the extended TLDs, I get more suspicious about the site. I tend to avoid them unless I'm very sure they're legit.


.biz is the one I always remember as being scam-central


It's weird how entire TLDs get reputations like that.

NY's transit agency - the MTA - used (and still uses) the domain mta.info. My high school blocked that domain, along with every other info domain.

I have a .xyz domain that I briefly wanted to use for email, but services blocked it based entirely off the TLD. Using the same mail service (Fastmail) I could send mail from my .net domains.


I think this narrative is just being sold because .zip is a new domain. I find it interesting how fast things are leveraged for hacking, though. I'm wondering why this isn't as commonly noted in the AI space (where I work).


Because the person pushing this panic never heard of those.


The problematic scenario is described here: https://www.reddit.com/r/programming/comments/13fsvl5/the_zi...


Because they have already dealt with zipfiles, but not with infofiles or appfiles or ninjafiles.


Nor COM files apparently.


Yes, because we're not in the 80s anymore. There are virtually no COM files around anymore. Compare that to zip files, which are still widely used in all kinds of jobs.


And people today are a lot dumber than people in the 90s?


If nothing else, the average technological competency of the average computer user is significantly lower.


> It seems that Google has reduced the registration price to $15 per year for a .zip domain last week, which appears to be less than half the previous price. The price drop appears to have increased interest for .zip domains, and some new registrations are already used in phishing campaigns.

It is interesting that $15 a year is enough savings to justify starting a new phishing attempt. I assumed there was so much money in phishing that an extra ~$1.05 a month could be easily absorbed.

Either way, I'm shocked that a .zip domain was ever approved. This should have been obvious for whatever mysterious board approves TLDs.


Same, don't really understand why there is a need for the .zip domain, but I also don't know why I can't just make any suffix a domain suffix


But then why have TLDs at all?


And here I thought Google purchased those TLDs to prevent spoofing and phishing attempts. Not to start selling domains under each.


Isn't this a good chance to provide the public a way to save their time for those that are stuck in terminal-only land?


Are there any TLDs that aren't being used in cyber attacks?




