Typosquatters Running .om Domain Scam To Push Mac Malware (threatpost.com)
msm1267 writes from an article on Threatpost: Typosquatters are targeting Apple computer users with malware in a recent campaign that snares clumsy web surfers who mistakenly type .om instead of .com when surfing the web. According to Endgame security researchers, the top level domain for Middle Eastern country Oman (.om) is being exploited by typosquatters who have registered more than 300 domain names with the .om suffix for U.S. companies and services such as Citibank, Dell, Macy's and Gmail. Endgame made the discovery last week and reports that several groups are behind the typosquatter campaigns. Mac OS X users are being singled out in this typosquatting campaign with malware. According to Endgame, when a Mac user stumbles on one of the typosquatters' webpages, a fake Adobe Flash update pops up and attempts to trick users into installing the advertising component called Genieo. Endgame suspects that typosquatters are exploiting a hole in Oman's domain name registration process. When Endgame tried to register a domain it was asked to verify that it had the authority to register a specific commercial domain. "It's unclear how typosquatters were able to register so many domains in such a short period of time," Endgame said.