UPDATED 30th JULY 2018

No-one wants their devices hijacked for crypto mining so Deteque, a division of Spamhaus, has added a new layer of security with the introduction a ‘Cryptominer’ zone as part of its DNS Firewall Threat Feeds.

bit coin with pick axe and text saying Crypto miner protection added to DNS Firewall feed

Deteques new crypto miner zone added to DNS firewall feed

Deteque researchers are constantly tracking the networks of crypto miners who use adverts, often on legitimate websites, to run JavaScript and other code that can drain processing power via the browser for crypto mining without any actual malware being installed on a user’s machine.

With the new zone included in an organization’s DNS management, users will still get access to the websites they want to visit, but the adverts used for crypto mining are blocked as part of the DNS resolution process. This way malicious adverts are blocked before a connection is made a so there is no need for dedicated software or tools on an individual’s device.

The Cryptominer Zone is accessible as part of the Diverse category of our DNS Firewall response policy zone data feeds. Find out more.

DNS Firewall Threat Data from Deteque is currently used by ISPs, corporations and public institutions world-wide. Find out more.

Further reading on crypto jacking:

Protection against fraud and phishing is now boosted with Zero Reputation Domains (ZRD) threat intelligence from Deteque, a division of Spamhaus.

We have added a ZRD zone to Deteque’s DNS Firewall Threat Feeds, which can be used as a check in an organization’s DNS management to block malicious and low reputation domains. With the new ZRD data feed, network security managers can block access to newly-registered domains which are often associated with fraud or phishing attempts.

Cyber criminals immediately use newly registered domains for websites, hoping that users will fall victim before a domain has been analyzed for its reputation, as opposed to legitimate organizations who will rarely activate a domain and start using it as soon as it has been registered.

The ZRD zone automatically adds newly-registered and previously dormant domains to a blocklist for 24 hours. Once the domain is older than 24 hours it will be removed from this zone, or if the domain is deemed malicious by other tests it will be added into another zone.

DNS Firewall Threat Feeds from Deteque are currently used by ISPs, corporations and public institutions world-wide. Find out more and start your 30 day free trial today

Existing RPZ subscribers can reach out to their Spamhaus partner to enquire about adding ZRD to their subscription.