Google Registry Releases New Vanity TLDs, Some Of Which Are Ripe For Abuse

Posted on Friday, May 26, 2023 by Chris Hayner

Featured in this episode of Chaos Lever

We all know what the TLD is, right? The last set of letters after the last period in a website. Like, .com, .gov, .us, etc. (Ed- Yes, we know the DNS spec has a final period which represents the root of all domains. You’re very smart. Shut up.) Well, Google has introduced a new set of them for “dads, grads, and techies.” It’s important to note that Google did not use an Oxford comma in this headline and as such I’m already furious.

Most of the new domains are more or less harmless- I can’t see much to complain about with .dad, .phd, .prof, .esq, or .nexus. But there are two others that have raised immediate concerns in security circles; namely, .zip and .mov.

When people think of .zip they think of a compressed archive. And for .mov, a video file. The way an attack can be structured is simple: “Ooh a link to a filetype I’ve heard of and it’s in my email! It looks like I’m downloading from GitHub- I’ve heard of GitHub too! I should click on it probably.”

And they do- there have already been reports of websites using a .zip TLD to attempt malicious activity. Sites like report2023.zip, or microsoft-office.zip popped up immediately. This, of course, is bad. There are even a few pro-consumer protection sites like https://financialstatement.zip that exist solely to 1) take some names that would definitely be used for evil out of circulation, and 2) go into why this is such a bad idea in a lot more detail than I can right now.
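A defender-side check for the link pattern described above, added here as an example and not taken from the original post: it resolves each URL in a message to the host it actually points at and flags hosts under .zip or .mov, noting when a trusted name such as github.com appears in the link without being its host. The function names, the trusted list and the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# TLDs the post singles out because they double as file extensions.
FILE_LIKE_TLDS = {"zip", "mov"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def real_host(url):
    """Return the hostname a client will actually connect to, or '' if unparsable."""
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # e.g. malformed IPv6 brackets
        return ""
    return host.rstrip(".").lower()

def flag_links(text, trusted=("github.com",)):
    """Flag URLs whose real host sits under a file-extension-like TLD.

    `trusted` is a hypothetical list of names a reader is likely to recognise.
    """
    findings = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;:)!?")          # drop sentence punctuation
        host = real_host(url)
        tld = host.rsplit(".", 1)[-1]
        if tld not in FILE_LIKE_TLDS:
            continue                         # a .zip *path* on a .com host is fine
        # Trusted names that appear in the link but are not where it leads.
        mentions = [t for t in trusted
                    if t in url.lower()
                    and not (host == t or host.endswith("." + t))]
        findings.append({"url": url, "host": host, "mentions_trusted": mentions})
    return findings

# Constructed sample message (not real mail); report2023.zip is a name cited in the post.
SAMPLE = """Release notes: https://github.com/example/project/archive/v1.zip
Quarterly numbers are at https://report2023.zip/.
Installer mirror: https://github.com.constructed-sample.zip/project/v1
"""

if __name__ == "__main__":
    for f in flag_links(SAMPLE):
        print(f)
```

The first link is left alone because `.zip` there is a file extension in the path on a `.com` host; the other two are flagged because `.zip` is the TLD of the host itself.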