Line 133: |
Line 133: |
| On January 31, 2022, the [[European Commission]] published a [https://op.europa.eu/en/publication-detail/-/publication/d9804355-7f22-11ec-8c40-01aa75ed71a1/language-en/format-PDF/source-search Study on DNS Abuse], conducted by Fasano Paulovics Società tra Avvocati and Institut Polytechnique de Grenoble. Its key findings included:<ref>[https://op.europa.eu/en/publication-detail/-/publication/d9804355-7f22-11ec-8c40-01aa75ed71a1/language-en/format-PDF/source-search Study on DNS Abuse Technical Report Appendix 1, Directorate-General for Communications Networks, Content and Technology (European Commission), Fasano Paulovics Società tra Avvocati, Grenoble INP-UGA Institute of Engineering 2022-01-31]</ref> | | On January 31, 2022, the [[European Commission]] published a [https://op.europa.eu/en/publication-detail/-/publication/d9804355-7f22-11ec-8c40-01aa75ed71a1/language-en/format-PDF/source-search Study on DNS Abuse], conducted by Fasano Paulovics Società tra Avvocati and Institut Polytechnique de Grenoble. Its key findings included:<ref>[https://op.europa.eu/en/publication-detail/-/publication/d9804355-7f22-11ec-8c40-01aa75ed71a1/language-en/format-PDF/source-search Study on DNS Abuse Technical Report Appendix 1, Directorate-General for Communications Networks, Content and Technology (European Commission), Fasano Paulovics Società tra Avvocati, Grenoble INP-UGA Institute of Engineering 2022-01-31]</ref> |
| # The overall health of [[TLD]]s: | | # The overall health of [[TLD]]s: |
− | #* nTLDs, 6.6% of the market, are the most abused group of TLDs. In 2021, 20.5% of all abused domain names were registered in new gTLDs. Specifically, the two most abused nTLDs together account for 41% of all nTLD abuse. | + | #* nTLDs, 6.6% of the market, are the most abused group of TLDs in relative terms. In 2021, 20.5% of all abused domain names were registered in new gTLDs. Specifically, the two most abused nTLDs together account for 41% of all nTLD abuse. |
− | #* EU ccTLDs are the least abused; only 0.8% of all abuse ([[Compromised Domain]]s and [[Malicious Domain]]s) were registered under EU ccTLDs. | + | #* Legacy TLD domains, 53% of the market, comprise almost 49% of DNS abuse. Domains in [[.com]] and [[.net]] TLDs are the most abused. |
| + | #* EU ccTLDs are the least abused; only 0.8% of all abuse ([[Compromised Domain]]s and [[Malicious Domain]]s) were registered under EU ccTLDs. [[.eu]], [[.de]], [[.nl]], [[.fr]], [[.pl]], [[.it]], [[.es]], and [[.be]] account for 76% of all abuse among EU ccTLDs. |
| + | ccTLDs.Abused [[.ru]] and [[.su]] second-level domain names account for 75% of all abused domains among non-EU ccTLDs. |
| # [[Malicious Domain]]s and [[Compromised Domain]]s: | | # [[Malicious Domain]]s and [[Compromised Domain]]s: |
| #* Most [[spam]] and [[Botnet Attacks|botnet]] control and command [[domain name]]s are maliciously registered. | | #* Most [[spam]] and [[Botnet Attacks|botnet]] control and command [[domain name]]s are maliciously registered. |
Line 141: |
Line 143: |
| #* [[Registries]] and [[registrars]] can act at the DNS level but not on the hosting infrastructure unless they also offer hosting services. | | #* [[Registries]] and [[registrars]] can act at the DNS level but not on the hosting infrastructure unless they also offer hosting services. |
| #* The top five most abused registrars account for 48% of all maliciously registered domain names. | | #* The top five most abused registrars account for 48% of all maliciously registered domain names. |
− | #* Phishers use free subdomain and hosting providers, which do not work well for spammers and botnet C&C activity. | + | #* Phishers use free subdomain and hosting providers, which do not work well for spammers and botnet C&C activity. For phishing abuse, half of the 10 most abused TLDs ([[.ml]], [[.tk]], [[.ga]], [[.cf]], and [[.gq]]) are operated by [[Freenom]]. |
| # Adoption of [[DNSSEC]] and mail protection protocols: | | # Adoption of [[DNSSEC]] and mail protection protocols: |
| #* DNSSEC adoption remains low. Of 227 million domain names, only 9.4 million meet all required resource records; however, 98% of them are correctly signed and validated. | | #* DNSSEC adoption remains low. Of 227 million domain names, only 9.4 million meet all required resource records; however, 98% of them are correctly signed and validated. |