According to a new Akamai analysis, the company's experts classified about 79 million domains as dangerous in the first half of 2022; based on a NOD (newly observed domain) dataset, this is about 13 million malicious domains per month, representing 20.1% of all the successfully resolved NODs.
According to Akamai, a NOD is any domain queried for the first time in the last 60 days. And by “malicious,” it means a domain name that leads to a site meant to phish, spread malware or do some other kind of damage online.
Akamai said, “[The NOD dataset] is where you find freshly registered domain names, typos, and domains that are only very rarely queried on a global scale.” The company observes about 12 million new NODs daily, of which slightly more than 2 million are successfully resolved.
The organization uses relatively simple procedures to determine whether a domain is harmful or not. With the assistance of the larger cybersecurity community, Akamai compiled a 30-year predictive list of known domain generation algorithms (DGAs) that may be used to detect domains registered with DGAs.
Since DGA domains may be created in quantity for even temporary campaigns, hackers frequently use them to distribute malware and host phishing pages. Think of DGAs as places on the internet where malware and other things can meet up and use them.
According to the company, most of Akamai's malicious domain detections come from the “more than 190 NOD-specific detection criteria” it employs for NOD-based detection. They also mentioned that among the 79 million malicious NODs it discovered in the first half of the year, there were only 0.00042 percent false positives.
There are other options than Akamai's NOD detection, such as Cisco's “newly seen domain” detection system, which scans DNS data and alerts users to potentially dangerous websites.
Although it's unclear how those services stack up against Akamai's, their end objectives seem to be comparable and indicate that NODs are a well-known security issue that other businesses are seeking to address.