147
What are these comments on lemmy posts?
(lemmy.sdf.org)
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
i think i understand that part but why is this specific event "another reason to block this TLD"? can’t they just use any TLD for this and achieve the same thing? is there another inherit security issue with .zip that doesn't exist with other domains?
They can and they do. Using a commonly known and used file extension to “hide” a malicious URL is just easier.
https://www.youtube.com/watch?v=GCVJsz7EODA
gotcha ok i think i’m getting it. just to make sure i’m not missing anything, you’re saying that in this case it didn’t matter as in the end they could use any TLD and achieve the same effect.
but in general, threat actors hope to confuse people into thinking this “.zip” TLDs are only referencing local files instead of web addresses. right?