首页|Web of shadows: Investigating malware abuse of internet services
Web of shadows: Investigating malware abuse of internet services
扫码查看
点击上方二维码区域,可以放大扫码查看
原文链接
NETL
NSTL
Internet Web and cloud services are routinely abused by malware, but the breadth of this abuse has not been thoroughly investigated。 In this work, we quantitatively investigate this abuse by leveraging data from the Cyber Threat Alliance (CTA), where 36 security vendors share threat intelligence。 We analyze CTA data collected over 4 years from January 2020 until December 2023 comprising over one billion cyber-security observations from where we extract 7。7M URLs and 1。8M domains related to malware。 We complement this dataset with an active measurement where we periodically attempt to download the content pointed out by 33,876 recently reported malicious URLs。 We investigate the following questions。 How generalized is malware abuse of Internet services? How do domains of abused Internet services differ? For what purpose are Internet services abused? and How long do malicious resources remain active? Among others, we uncover a broad abuse affecting 22K domains of Internet services, that Internet services are largely abused for enabling malware distribution, and that malicious content in Internet services remains active longer than on malicious domains。
NETL
NSTL
