“The next big threat” is how Microsoft’s latest annual security report characterizes domain names written into a distributed ledger maintained across a constellation of computers instead of stored in a traditional, centralized registry.
Storing domain names on a blockchain can make them difficult to shut down or even trace to their owners. It also leaves them inaccessible without special software or settings.
“In recent years, we have observed blockchain domains integrated into cybercriminal infrastructure and operations,” the report says, nodding to Microsoft’s experience last spring disrupting a botnet called Necurs.
That botnet used a domain-generating algorithm to create new hosts in bulk—including under the .bit blockchain top-level domain, leaving them unable to be policed like a .com or other standards-compliant domain.
The potential for abuse led a group called OpenNIC, which promotes alternatives to the traditional domain-name system, to vote in 2019 to block the…