Criminals are abusing top-level government domains across multiple countries
Posted by:
Emma Walker
A recent Cofense report highlights the worrying trend of cybercriminals exploiting top-level domains (TLDs), especially .gov domains, for various malicious purposes. Between November 2022 and November 2024, threat actors from over 20 countries targeted vulnerabilities in .gov domains, using tactics like open redirects to conduct credential phishing and command & control operations. In the U.S., a specific vulnerability associated with “noSuchEntryRedirect” parameter was frequently exploited. Brazil emerged as the leader in .gov domain abuse, with a focus on a few critical government websites for phishing attacks. This underscores the global scope of the issue and the need for heightened cybersecurity measures.
Recent Posts1
Wacom warns users their data may have been stolen in breach
February 6, 2025
