Spamhaus has named Namecheap the most abused domain registrar in Botnets in Q3-2019.
The main problem here is that Namecheap is number one abused registrar by a very wide margin from the other registrars.
The amount of newly detected botnet command & control servers (C&Cs) reached an all-time high in July this year with more than 1,500 botnet C&Cs detected by Spamhaus Malware Labs. This is far in excess of the monthly average, set in the first half of this year, of 1,000 botnet C&Cs.
Report on the most abused domain registrars, Q3 2019
Namecheap: The US-based domain registrar ‘Namecheap’ continued to be the favorite place for malware authors to register their botnet C&C domains.
OpenProvider: The number of fraudulently registered domain names registered through the Dutch domain registrar ‘OpenProvider’ (aka ‘Hosting Concepts’) almost doubled from 188 in Q2 to 344 in Q3, placing them at #3 in the chart.
Register.com: Great work by ‘register.com’, who looks to have improved processes, as they no longer appeared on our Top 20 most abused domain registrars in Q3. This is in stark comparison to Q1, where they accounted for 22% of the total number of registered domains used for botnet C&Cs.
Newcomers: Newcomers to our chart of most abused domain registrars were the German based domain registrar ‘Key Systems’ and the French registrar ‘OVH’.