Infoblox's 2025 DNS Threat Landscape Report highlights a dramatic rise in DNS-based cyberattacks, with threat actors increasingly leveraging AI-driven deepfakes, malicious adtech, and evasive domain strategies, The Fast Mode reports.
The report, based on analysis of over 70 billion daily DNS queries across thousands of environments, identified 100.8 million newly observed domains in the past year, with 25 percent classified as malicious or suspicious. Infoblox Threat Intel tracked over 660 unique threat actors and 204,000 suspicious domain clusters, noting that 82 percent of customer environments encountered malicious adtech. Daily detection of DNS tunneling, exfiltration, and command-and-control activity, including Cobalt Strike, Sliver, and custom tools, requires machine learning for effective detection. The findings underscore the limitations of reactive "patient zero" security approaches as threat actors continually deploy automated, large-scale domain infrastructures. "Investing in preemptive security can be the deciding factor in thwarting AI-equipped attackers," the report emphasizes, highlighting the need for predictive threat intelligence and proactive DNS protection to stay ahead of sophisticated adversaries.
The report, based on analysis of over 70 billion daily DNS queries across thousands of environments, identified 100.8 million newly observed domains in the past year, with 25 percent classified as malicious or suspicious. Infoblox Threat Intel tracked over 660 unique threat actors and 204,000 suspicious domain clusters, noting that 82 percent of customer environments encountered malicious adtech. Daily detection of DNS tunneling, exfiltration, and command-and-control activity, including Cobalt Strike, Sliver, and custom tools, requires machine learning for effective detection. The findings underscore the limitations of reactive "patient zero" security approaches as threat actors continually deploy automated, large-scale domain infrastructures. "Investing in preemptive security can be the deciding factor in thwarting AI-equipped attackers," the report emphasizes, highlighting the need for predictive threat intelligence and proactive DNS protection to stay ahead of sophisticated adversaries.
