Webinar (Customers Only)

iSpyNote Malware: How Threat Actors Exploit Newly Registered Domains

Date: Thursday June 12th

Time: 10:00AM PT/1:00PM ET

The threat landscape is full of changes, but one constant is bad actors’ use of newly registered domains as the starting point for their malicious activity. These domains often mimic legitimate websites or app pages, tricking users into downloading malicious payloads. 

One example comes from a recent DomainTools Investigations analysis on how attackers used newly registered domains to distribute SpyNote malware targeting Android devices. In this closed event for DomainTools customers, Daniel Schwalbe and Malachi Walker will use this real-world investigation to demonstrate how the DomainTools platform enables security teams to:

  • Identify and track malicious infrastructure through domain registration patterns and DNS telemetry
  • Correlate indicators of compromise (IOCs) with attacker infrastructure using pivoting techniques
  • Leverage Risk Score, Domain Profile, and Iris Investigate to uncover related domains and potential future threats
  • Map attacker behavior to the MITRE ATT&CK framework for better contextual understanding
  • Proactively defend against similar campaigns by enriching threat intelligence feeds with high-fidelity DNS data
DomainTools Demo CTA Contact Us

Contact Us

Fill out our general contact form to reach a representative.
DomainTools Demo CTA Become a Partner

Become a Partner

Join our channel partner program.

DomainTools Logo
Pricing Contact Login Support Request a Demo

© 2025 DomainTools

DomainTools® and DomainTools™ are owned by DomainTools, all rights reserved.

Privacy Policy    |    California Privacy Notice
Do Not Sell My Personal Information    |    Terms of Service    |    Sitemap