See below the most abused domain name registrars at Botnets in Q3 2021.
There were significant increases across most of the domain registrars listed in the Top 20. The United States is home to the largest percentage of domain registrars; however, their share has dropped quarter on quarter, while China, the United Kingdom, and Russia have increased.
In Q2 you saw Arsys, now you don’t
A nod of approval to Arsys, who was a new entry at #5 in Q2. They appear to have taken positive steps to ensure their TLD remains as clean as possible and dropped off the Top 20 in Q3, along with HiChina, 1API, Name.com, and 55hl.com. Excellent work to all these registrars.
In Q3, they saw the biggest increases in newly registered botnet C&C domains at CentralNic (+488%), Tucows (+266%), RegRU (+252%), West263.com (+168%), and Network Solutions (+163%).
The vast majority of fraudulent domain name registrations originate from poor resellers who have inappropriate or non-existent customer vetting in place.
Registrars can struggle to penalize these dirty resellers for many reasons, including poorly written Terms of Services (ToS). However, other matters can also come into play, such as a vested financial interest or a fundamental lack of motivation to take responsibility for these issues.
Spamhaus hopes that these registrars will improve their reputation quickly by implementing stricter measures on their resellers to ensure they strive to fight against the registration of fraudulent domain names.
You can read the complete Spamhaus report here.