Note: A special thanks to Ed Gibbs, WhoisXML API’s Advanced Threat Researcher & Technical Account Manager, for his help compiling the domain and subdomain files used in this post.
Cryptocurrencies keep making waves in the online community, making them prime vehicles of threat actors in scam, phishing, and other malicious campaigns. Fraudsters, for one, have stolen millions of dollars worth of cryptocurrencies from investors through websites that promise rewards, giveaways, and earning opportunities.
Does it mean it’s time to monitor crypto-related Internet properties that could end up being used in a scam?
The WhoisXML API security research team did so, and identified more than 31,000 crypto-related domains and subdomains and analyzed them based on the following angles of research:
- Screenshots: What do the domains look like?
- Registrant email addresses: Who owns the domains?
- Registrar details: Who manages the domains?