Abusing .arpa: The TLD That Isn’t Supposed to Host Anything
Summary
Researchers reveal a novel phishing method that uses the .arpa TLD in combination with IPv6 reverse DNS to hide malicious links. The attack exploits DNS providers that permit creating A records for .arpa reverse domains, enabling traffic to be directed through traffic distribution systems to malicious sites. The post emphasizes that conventional domain reputation checks may miss these domains, and it highlights indicators of compromise (IoCs).
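One way to surface such links defensively, as an added example that is not from the original post: the sketch below flags URLs whose host sits under a reverse-DNS zone and decodes the ip6.arpa nibble labels back into the IPv6 prefix they encode. The function names and sample URLs are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

REVERSE_ZONES = ("ip6.arpa", "in-addr.arpa")
HEX = set("0123456789abcdef")

def reverse_zone(host):
    """Return the reverse-DNS zone a hostname sits under, or None."""
    host = host.rstrip(".").lower()
    for zone in REVERSE_ZONES:
        if host == zone or host.endswith("." + zone):
            return zone
    return None

def ip6_prefix(host):
    """Decode the nibble labels of an ip6.arpa name into the IPv6 prefix they encode."""
    labels = host.rstrip(".").lower()[: -len(".ip6.arpa")].split(".")
    nibbles = []
    for label in reversed(labels):  # reverse names list nibbles least-significant first
        if label not in HEX or len(nibbles) == 32:
            break  # stop at any non-nibble label placed in front of the prefix
        nibbles.append(label)
    if not nibbles:
        return None
    addr = ipaddress.IPv6Address(int("".join(nibbles).ljust(32, "0"), 16))
    return f"{addr}/{len(nibbles) * 4}"

def flag_links(urls):
    """Return (url, zone, decoded IPv6 prefix or None) for links hosted under a reverse zone."""
    findings = []
    for url in urls:
        host = urlsplit(url).hostname or ""
        zone = reverse_zone(host)
        if zone:
            prefix = ip6_prefix(host) if zone == "ip6.arpa" else None
            findings.append((url, zone, prefix))
    return findings

# Constructed sample links (2001:db8::/32 is the IPv6 documentation range).
SAMPLE_URLS = [
    "https://example.com/login",
    "https://d.c.b.a.8.b.d.0.1.0.0.2.ip6.arpa/invoice",
    "https://ip6.arpa.example.net/",
]

if __name__ == "__main__":
    for finding in flag_links(SAMPLE_URLS):
        print(finding)
```

The decoded prefix gives reputation and abuse lookups an address block to key on when the hostname itself has no domain reputation history.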