Spamhaus: Most abused domain registrars, Q4 2021

Spamhaus published the latest report for the most abused domain registrars in botnets from Q4 2021:

Overall, we saw a decrease in fraudulent domain registrations in Q4 2021, which is positive news. But some countries’ registrars are still clearly struggling.

Canadian based registrars

Registrars in Canada had the most fraudulent botnet C&C registrations in Q4, overtaking China from Q3.

German based registrars

There was a noticeable increase (136%) in the number of botnet C&Cs associated with registrars operating out of Germany. This was due to Key Systems experiencing a 74% increase and 1API re-entering our charts at #12, having dropped off the Top 20 in Q2.

Atak

This domain registrar appeared for the first time in our rankings. Atak operates out of Turkey and hasn’t responded to any of our abuse reports to date. We have therefore filed a complaint against Atak with ICANN’s policy enforcement. It is imperative that everyone who is part of the internet ecosphere work together to protect internet users.

Nicenic.net (China) & PDR (India)

These registrars experienced significant increases in the number of botnet C&C domains registered through them in Q4. However, while registrations are increasing for PDR their response times to abuse reports are excellent.

Thank you to those who’ve departed from our listings

Last quarter we highlighted that CentralNic, West263, and Network Solutions had all experienced considerable increases in the number of newly registered botnet C&C domains. In Q4, all three of these registrars, along with eName, Xin Net, 22net, and OVH, departed from our Top 20 this quarter, so we’d like to applaud all their efforts in preventing fraudulent registrations.