{"id":57520,"date":"2024-10-27T15:44:06","date_gmt":"2024-10-27T15:44:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/"},"modified":"2024-10-27T15:44:06","modified_gmt":"2024-10-27T15:44:06","slug":"senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/","title":{"rendered":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns"},"content":{"rendered":"<p><span class=\"label\">in brief<\/span> Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based domain registrars seem to keep popping up as, at best, negligent facilitators of election meddling.&nbsp;<\/p>\n<p>Warner sent <a href=\"https:\/\/www.warner.senate.gov\/public\/index.cfm\/pressreleases?id=A2FC6A5E-E6DC-435E-B7EF-3EFF2FA8ED4E\" rel=\"nofollow\">letters<\/a> to NameCheap, GoDaddy, Cloudflare, NewFold Digital, NameSilo, and Versign last week following the Biden administration&#8217;s <a href=\"https:\/\/www.theregister.com\/2024\/09\/05\/biden_cracks_down_on_putins\/\">seizure<\/a> of 32 domains used to spread pro-Russian propaganda, many masquerading as well-known Western news outlets.&nbsp;<\/p>\n<p>The whole thing is part of a long-running Russian disinformation campaign known as &#8220;Doppelg\u00e4nger,&#8221; which makes use of a huge network of fake news sites, phony social media mouthpieces, and other tricks to fool gullible Americans into <a href=\"https:\/\/www.theregister.com\/2024\/09\/18\/russia_putin_trump_white_house\/\">supporting Putin&#8217;s agenda<\/a>. The whole affair was <a href=\"https:\/\/www.theregister.com\/2023\/08\/30\/meta_coordinated_inauthentic_behaviour_report\/\">highlighted by Meta<\/a> in 2023, the report of which also played into Warner&#8217;s reasoning.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The DOJ&#8217;s report on seizing those 32 domains last month included indicators that the six aforementioned domain registrars had sold websites to Doppelg\u00e4nger operators, Warner noted, adding that the Meta report highlighted multiple ways in which the domain registration industry has enabled the bad behaviors. These include withholding registrar information from good-faith researchers, ignoring inaccuracies in registration information, failing to take care of domain names that are clear squatting attempts, and the like.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Warner said that information in the domain seizure affidavit suggested that Russian disinformation agents were using well-known techniques that, &#8220;against the backdrop of extensive open source literature on Doppelg\u00e4nger&#8217;s practices, should have alerted [the companies] to abuse of [their] services.&#8221;&nbsp;<\/p>\n<p>This problem isn&#8217;t new, either: Warner said abuse of domain name registration services is ongoing and &#8220;the industry&#8217;s inattention to abuse has been well-documented for years, enabling malicious activity \u2026 all possible because of malicious actors using your services.&#8221;&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>And then the gloves came off.<\/p>\n<p>&#8220;Given the continued lapses of your industry to address these abuses, I believe Congress may need to evaluate legislative remedies,&#8221; Warner threatened. &#8220;In the interim, your compan[ies] must take immediate steps to address the continued abuse of your services for foreign covert influence.&#8221;<\/p>\n<p>None of the registrars Warner identified responded to requests for comment, except GoDaddy, which told us that it has invested significant resources to address online abuse, among other boilerplate statements companies typically issue after such allegations.&nbsp;<\/p>\n<div class=\"boxout\" readability=\"25.84585492228\">\n<h3 class=\"crosshead\">Critical vulnerabilities of the week: A ScienceLogic CVE<\/h3>\n<p>You may recall last month that RackSpace monitoring tools were taken offline after being hit by a zero-day in what <a href=\"https:\/\/www.theregister.com\/2024\/09\/30\/rackspace_zero_day_attack\/\"><em>The Register<\/em> learned<\/a> was found in ScienceLogic SL1 software, but we didn&#8217;t have a lot of details at the time, or a CVE. Now we do, but the matter is still mysterious.&nbsp;<\/p>\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-9537\" rel=\"nofollow\">CVE-2024-9537<\/a>, with a CVSS score of 9.3, was issued for the vulnerability, but the explanation doesn&#8217;t lend much to our understanding.&nbsp;<\/p>\n<p>&#8220;ScienceLogic SL1 is affected by an unspecified vulnerability involving an unspecified third-party component,&#8221; NIST noted in its description of the vulnerability.&nbsp;<\/p>\n<p>Patches are available, and remediations were issued for older versions of SL1, so get patching before you become the next victim.<\/p>\n<\/div>\n<h3 class=\"crosshead\">It&#8217;s official: Change Healthcare the largest-ever healthcare data breach<\/h3>\n<p>Despite it having happened in February, we still didn&#8217;t have any idea how many people were affected by the ransomware attack and data breach &#8211; but now we know: Somewhere in the neighborhood of <a href=\"https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf\" rel=\"nofollow\">100 million people<\/a> were caught up in the incident, nearly a third of the US population.&nbsp;<\/p>\n<p>That makes the Change incident the largest healthcare data breach in US history.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>We knew it was going to be bad when in April, Change&#8217;s parent company UnitedHealth <a href=\"https:\/\/www.theregister.com\/2024\/04\/23\/unitedhealth_admits_breach_substantial\/\">said<\/a> it was worried the breach could involve records on &#8220;a substantial proportion of people in America,&#8221; but sheesh: In a nation of around 346 million people, 100 million records being stolen is a lot.&nbsp;<\/p>\n<p>The <a href=\"https:\/\/www.theregister.com\/2024\/06\/21\/change_healthcare_patients\/\">contents of the breach<\/a> are damning too, with full names, email addresses, DoBs, phone numbers, and other PII stolen alongside health information, banking data, claims records, and the like.<\/p>\n<h3 class=\"crosshead\">New, nastier Qilin variant emerges<\/h3>\n<p>Speaking of ransomware threats targeting the healthcare industry, the group behind the <a href=\"https:\/\/www.theregister.com\/2024\/06\/20\/qilin_our_plan_was_to\/\">attack on NHS systems<\/a> in the UK over the summer is back with a new version of its eponymous ransomware.&nbsp;<\/p>\n<p>The new <a href=\"https:\/\/www.halcyon.ai\/blog\/new-qilin-b-ransomware-variant-boasts-enhanced-encryption-and-defense-evasion\" rel=\"nofollow\">Qilin.B variant<\/a>, says ransomware defense company Halcyon, was recently spotted in the wild with enhanced encryption capabilities and an extra layer of defense on its keys to prevent decryption by anyone but a paying victim.&nbsp;<\/p>\n<p>Halcyon noted that Qilin.B now supports AES-256-CTR for systems with AESNI capabilities, while still retaining Chacha20 for other victims, and also now uses the RSA-4096 cipher with OAEP padding, &#8220;making file decryption without the attacker&#8217;s private key or captured seed values impossible.&#8221;&nbsp;<\/p>\n<p>Of course, the same defense evasion, backup disruption, process termination and other tricks the older version of Qilin had are all still there, making this one nasty piece of work. As we noted in our earlier coverage of Qilin&#8217;s activities, the allegedly Russian group relied on zero-day vulnerabilities to break into NHS systems, a common technique.&nbsp;<\/p>\n<p>In other words, consider this your weekly reminder to patch your systems.<\/p>\n<h3 class=\"crosshead\">Maalox for Mallox: Decryptor now available for early variants<\/h3>\n<p>An encryption flaw in the Mallox ransomware variant, also known as <a href=\"https:\/\/www.theregister.com\/2022\/09\/26\/sql_server_fargo_ransomware\/\">Fargo<\/a>, has allowed Avast researchers to develop a free decryptor with a catch: It&#8217;ll only work for victims hit before March 2024.&nbsp;<\/p>\n<p>In a blog post from Avast parent company Gen Digital, researchers <a href=\"https:\/\/www.gendigital.com\/blog\/news\/innovation\/decrypted-mallox-ransomware\" rel=\"nofollow\">said<\/a> that they found the cryptographic flaw in a version of Mallox circulating between January 2023 and February 2024, so anyone hit by the ransomware between those dates should be able to decrypt their data using the tool.<\/p>\n<p>64 and 32-bit versions are available in the blog post linked above. This is Avast&#8217;s second decryption tool for the Mallox family.<\/p>\n<p>&#8220;The Mallox ransomware was previously called TargetCompany ransomware, which Avast released a decryptor for in January of 2022,&#8221; the company said. &#8220;Since then, the cryptographic schema has been evolving [but] the authors made new mistakes.&#8221;<\/p>\n<p>Hopefully they made others so more decryptors will follow.<\/p>\n<h3 class=\"crosshead\">Genesis Market probe leads to indictment of cybercriminal cop suspect<\/h3>\n<p>The feds continue to pour over info recovered from stolen data souk Genesis Market after <a href=\"https:\/\/www.theregister.com\/2023\/04\/05\/fbi_seizes_stolen_data_mart\/\">shutting it down<\/a> last year, and their continued digging has managed to indict an allegedly crooked cop.<\/p>\n<p>Terrance Michael Ciszek, a detective with the Buffalo Police Department, was <a href=\"https:\/\/www.justice.gov\/usao-wdny\/pr\/federal-grand-jury-indicts-buffalo-police-detective-purchases-made-illicit-online\" rel=\"nofollow\">indicted<\/a> last week for reportedly buying nearly 200 sets of stolen credentials between March and July 2020, and then lying to the FBI about it when they investigated the matter. During the same period, he was also allegedly active on UniCC, a dark web site used to swap stolen credit card data.&nbsp;<\/p>\n<p>Ciszek even made the genius move of recording a video telling other cybercriminals &#8220;how he anonymized his identity on the internet while purchasing stolen credit cards&#8221; while praising UniCC&#8217;s offerings. Anyone who took his advice, presumably delivered using the &#8220;DrMonster&#8221; pseudonym the FBI accused him of operating under, ought to reconsider its effectiveness.&nbsp;<\/p>\n<p>Buffalo Police Department told <em>The Register<\/em> that Ciszek was suspended without pay.<\/p>\n<p>Ciszek reportedly denied purchasing stolen credentials when questioned by the FBI, instead trying to shift blame to his nephew &#8211; sounds like an all-around great guy. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2024\/10\/27\/senator_domain_registrars_russia_disinfo\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Also, Change Healthcare sets a record, cybercrime cop suspect indicted, a new Mallox decryptor, and more in brief\u00a0 Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based domain registrars seem to keep popping up as, at best, negligent facilitators of election meddling.\u00a0\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-57520","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-27T15:44:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns\",\"datePublished\":\"2024-10-27T15:44:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/\"},\"wordCount\":1228,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/\",\"name\":\"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2024-10-27T15:44:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/","og_locale":"en_US","og_type":"article","og_title":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-10-27T15:44:06+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns","datePublished":"2024-10-27T15:44:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/"},"wordCount":1228,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/","url":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/","name":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-10-27T15:44:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Zx6L9gMXSkSISX8kuVNUBwAAAAU&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/senator-accuses-sloppy-domain-registrars-of-aiding-russian-disinfo-campaigns\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=57520"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57520\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=57520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=57520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=57520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}