Malware Activity in Domain Registrars
July 1, 2021 - September 30, 2021
Malware attackers compose hostnames and URLs from domain names that they register purposely for malware attacks or from domain names that they have exploited in some way (e.g., by hijacking a domain registration account or by compromising a host such as a web site). They embed these into URLs in the emails, texts, or social media posts that lure victims to malware download sites.
To determine where gTLD domain names were purchased and managed, and where reported malware domains are concentrated in gTLD registrars’ domain portfolios, we identify the domain name Registrar - the business entity that processed the domain name registration – of domain names reported for malware activity from domain name registration data obtained via the Whois or RDAP services.
For the period, we identified 75 domain registrars with 30,000 domains under management and at least 25 reported malware domains.
- 37 registrars had more than 100 reported malware domains.
- 9 registrars had more than 500 reported malware domains.
- 5 registrars had more than 1000 reported malware domains.
Measurements of reported malware domains can identify registrars where analyses of business practices, account security, or pricing might prove useful. We currently collect domain registration data for generic Top-level Domains only; thus, the tables on this page present gTLD domains under management for each registrar.
In the table below, we show the twenty domain name Registrars with the highest number of reported malware domains under management.
Ranking of Domain Registrars by Malware Domains (July to September 2021)
Registrars with a minimum of 30,000 domains and 25 malware domains
| Rank | IANA_ID | Registrar | Total Malware Domains ▼ |
| 1 | 146 | GoDaddy.com, LLC | 13,309 |
| 2 | 1068 | NameCheap, Inc. | 4,294 |
| 3 | 1479 | NameSilo, LLC | 2,387 |
| 4 | 303 | PDR Ltd. d/b/a PublicDomainRegistry.com | 1,465 |
| 5 | 472 | Dynadot, LLC | 1,288 |
| 6 | 48 | eNom, LLC | 784 |
| 7 | 69 | Tucows Domains Inc. | 762 |
| 8 | 420 | Alibaba Cloud Computing (Beijing) Co., Ltd. | 646 |
| 9 | 440 | Wild West Domains, LLC | 534 |
| 10 | 2487 | Internet Domain Service BS Corp | 349 |
| 11 | 2 | Network Solutions, LLC | 330 |
| 12 | 625 | Name.com, Inc. | 310 |
| 13 | 1606 | Registrar of Domain Names REG.RU LLC | 282 |
| 14 | 1861 | Porkbun LLC | 277 |
| 15 | 49 | GMO Internet, Inc. d/b/a Onamae.com | 277 |
| 16 | 1647 | Hosting Concepts B.V. d/b/a Registrar.eu | 276 |
| 17 | 1331 | eName Technology Co., Ltd. | 259 |
| 18 | 1418 | Danesco Trading Ltd. | 258 |
| 19 | 460 | Web Commerce Communications Limited dba WebNic.cc | 249 |
| 20 | 609 | Sav.com, LLC | 219 |
Activity in Domain Registrars