Cyber Security News

Researchers Uncover New Technique to Detect Malicious Websites

Internet domains serve as a launchpad for threat actors to launch several kinds of cyber attacks. Using domains this way, threat actors can perform the following activities on malicious websites:

  • Distribute malware
  • Facilitate command and control (C&C) communications
  • Host scams
  • Perform phishing attacks
  • Perform cybersquatting

Detecting malicious domains is an ongoing challenge, and MDD (Malicious Domain Detection) plays a key role here, as it helps identify the domains that are linked to cyberattacks.

The following cybersecurity researchers from the New Jersey Institute of Technology, Qatar Computing Research Institute (QCRI), and Hamad Bin Khalifa University (HBKU) have recently discovered a new technique to uncover the websites associated with cyber attacks:

  • Mahmoud Nazzal
  • Issa Khalil
  • Abdallah Khreishah
  • NhatHai Phan
  • Yao Ma

Malicious Domain Detection

Graph neural networks (GNNs) are one of the most efficient approaches to this problem. GNN-based MDD uses DNS logs to build a domain maliciousness graph (DMG) and trains a GNN to infer domain maliciousness from known data.

GNNs apply neural layers to graph data, creating powerful node embeddings for diverse applications. Heterogeneous graphs have varied nodes and edges, and heterogeneous GNNs (hetGNNs) play a key role here, as they are built to handle such graphs for top performance.
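A minimal sketch of the DNS-log-to-DMG pipeline described above, as an added example that is not code from the researchers or their paper: it builds a heterogeneous graph from constructed DNS records and scores unlabelled domains with untrained mean-aggregation message passing, a stand-in for the learned hetGNN layers. The node types (domain, client, IP), the log format and all names are assumptions.

```python
from collections import defaultdict

# Constructed DNS log records (assumed format): (client, queried domain, resolved IP).
DNS_LOG = [
    ("10.0.0.5", "cdn-update.example", "203.0.113.7"),
    ("10.0.0.5", "login-verify.example", "203.0.113.7"),
    ("10.0.0.8", "login-verify.example", "203.0.113.9"),
    ("10.0.0.8", "news.example", "198.51.100.20"),
    ("10.0.0.9", "news.example", "198.51.100.20"),
    ("10.0.0.9", "mail.example", "198.51.100.21"),
]
# Constructed ground truth: 1.0 = known malicious, 0.0 = known benign.
LABELS = {"login-verify.example": 1.0, "news.example": 0.0}


def build_dmg(log):
    """Build a heterogeneous graph with typed nodes (kind, name).

    Edge types (assumed): domain-client (queried by) and domain-ip (resolves to).
    """
    adj = defaultdict(set)
    for client, domain, ip in log:
        d = ("domain", domain)
        for other in (("client", client), ("ip", ip)):
            adj[d].add(other)
            adj[other].add(d)
    return adj


def score_domains(adj, labels, rounds=4, prior=0.5):
    """Propagate maliciousness by averaging neighbour scores each round.

    Labelled domains stay clamped to their label; every other node starts
    at `prior`. This is the aggregation step of a GNN without trained weights.
    """
    score = {n: (labels.get(n[1], prior) if n[0] == "domain" else prior)
             for n in adj}
    for _ in range(rounds):
        nxt = {}
        for node, nbrs in adj.items():
            if node[0] == "domain" and node[1] in labels:
                nxt[node] = labels[node[1]]  # keep known labels fixed
            else:
                nxt[node] = sum(score[m] for m in nbrs) / len(nbrs)
        score = nxt
    return {n[1]: round(s, 3) for n, s in score.items() if n[0] == "domain"}
```

The unlabelled domain that shares a client and a resolved IP with the known-malicious one ends up with a high score, while the one whose only link is a client that also queried a benign domain drifts below the prior.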

Network schema of a heterogeneous DMG (Source – Arxiv)

Cybersecurity analysts defined the following key elements of the threat actors to characterize the complete threat model:

  • Goals of the threat actors
  • Knowledge of the threat actors
  • Limits in evading MDD detection

Overview of the attack (Source – Arxiv)

For an attack against GNN-based MDD models to succeed, the following requirements must be met:

  • The adversary owns multiple domains.
  • Interconnected adversary domains for efficient evasion in bulk.
  • No interference among adversary domains.

Study Limitations

The study has the following limitations:

  • Scarce MDD data
  • Patented GNNs
  • Missing defense options for hetGNNs
  • Simulated adversary models
  • No real subgraphs impact findings

However, the researchers affirmed that future research can boost MDD's defense with DNS logs and heterogeneity; this would also help counter MintA's stealth, since MintA uniquely evades detection for multiple adversary nodes.

Tushar Subhra Dutta
