The SubdoMailing operators are constantly on the lookout for suitable expired corporate domains, and once they find some they re-register them — typically capturing several dozen legitimate domains daily. The record stands at 72 hijacked domains in a single day — back in June 2023.
Read MoreLarge companies with extensive web resources may have multiple CNAME records and corresponding domains. The problem is that administrators cannot always keep track of is all. As such, a situation can arise where a domain has expired but its CNAME record lives on. These are the kind of domains that the cybercriminals behind the SubdoMailing campaign are eager to harvest...