Don't Forget to Type the "O" When Typing .com or Else

DooKey

Apparently the self-proclaimed Spam King has gobbled up lots of .cm domains and they love to dish out malware. People around the web are finding this out in a bad way and their computers are getting hit with all sorts of garbage. Furthermore, these sites appear to automatically remove their code or download files if researchers try to go there to find out what's there. I don't know about anybody else, but I'm going to block the .cm domain so I don't accidentally get hit with this kind of stuff. Thanks cageymaru.

Espn[dot]cm is one of more than a thousand so-called “typosquatting” domains hosted on the same Internet address (85.25.199.30), including aetna[dot]cm, aol[dot]cm, box[dot]cm, chase[dot]cm, citicards[dot]cm, costco[dot]cm, facebook[dot]cm, geico[dot]cm, hulu[dot]cm, itunes[dot]cm, pnc[dot]cm, slate[dot]cm, suntrust[dot]cm, turbotax[dot]cm, and walmart[dot]cm.
 
I have had that entire Class B blocked for over a year. Nothing good comes from it.
 
You have to wonder why ICANN didn't prohibit obvious top-level domain name collisions. It would have been a relatively short list of domains you had to review (web standards like .com, .edu, .org), and I'm fairly certain they had/have access to the data necessary to make informed decisions about that sort of thing.
 
You have to wonder why ICANN didn't prohibit obvious top-level domain name collisions. It would have been a relatively short list of domains you had to review (web standards like .com, .edu, .org), and I'm fairly certain they had/have access to the data necessary to make informed decisions about that sort of thing.

Follow the money.
 
You have to wonder why ICANN didn't prohibit obvious top-level domain name collisions. It would have been a relatively short list of domains you had to review (web standards like .com, .edu, .org), and I'm fairly certain they had/have access to the data necessary to make informed decisions about that sort of thing.

Why does icann keep producing new swaths of TLDs that nobody uses but spammers?
 
What's the easiest way to block entire .cm domain? Is there a specific range of addresses?

Easiest way is if your router supports wildcards for DNS redirecting. Some ASUS routers have it under URL filtering (something like that). So it'd be *.cm .

Otherwise you may need something like DNSmasq or an assortment of other scripts / programs to help manage it.

You would think the HOSTS file would allow for wildcards, but it doesn't.
 
Anyone have any idea how to block these with a Sagemcom F@ST 5260? It is a router that came free with my Charter install and I have been more than happy with its performance (1K sqft apartment), but I would like to block these so my significant other and guests do not access them.
 
Thanks for the heads up. Gonna block that on my PiHole when I get home.
 
Easiest way is if your router supports wildcards for DNS redirecting. Some ASUS routers have it under URL filtering (something like that). So it'd be *.cm .

Otherwise you may need something like DNSmasq or an assortment of other scripts / programs to help manage it.

You would think the HOSTS file would allow for wildcards, but it doesn't.

Well, I've got an old version of DD-WRT running on my router. Tried adding "*.cm" under the WAN --> Website Blocking by URL Address; didn't seem to work though. PS: best to experiment in a VM - I tried accessing hulu(DOT)cm and immediately the web browser went nuts with virus stuff.

Edit - got it blocking now with DD-WRT by adding ".cm" to Website Blocking by URL Address (i.e., without the *)
 
I have a buffalo router, stock software, might flash it to dd-wrt if I need to do so.

Anyone know how to block in the stock buffalo software?

How is this not a copyright issue? Are there not requirements to check names as legit?
 
What's the easiest way to block entire .cm domain? Is there a specific range of addresses?

If you are running pfSense for your router/firewall, install the pfBlockerNG package. Another great solution is Pi-hole.

Thanks for the heads up in this article. I have added .cm to my DNSBL in pfBlockerNG (without the leading period, of course).
 
I have a buffalo router, stock software, might flash it to dd-wrt if I need to do so.

Anyone know how to block in the stock buffalo software?

How is this not a copyright issue? Are there not requirements to check names as legit?

Only if you applied in said country for copyright, and not all countries follow U.S. copyright laws; pretty much every country outside the U.S. could care less if a U.S. company owns a domain name. ESPN could stand for anything in another country, just because us in the English world know it as a sports network... For all you know, ESPN is copyrighted in another country for a completely different company.
 
Learned many years ago to hit ctrl+enter when entering urls. This will add www. and .com to whatever keyword you typed in. So for www.hardocp.com you just need to type hardocp then hit ctrl+enter and the browser auto-completes it for you.

But thanks for the warning. Looks like .cm is going on the list just to be safer.
 
I put a "*.cm" block into my Avast Web Shield software. I tried to go to slate[dot]cm and Avast blocked it.
 
After adding ".cm" to dd-wrt url block list there is a chance of blocking legit sites - the next day had to temporarily disable it to load a site in the form of "www.cmxxxxx.com"
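The false positive reported in the post above is what a literal substring rule produces, and the earlier "*.cm" attempt fails for the same reason. This added example (not from the thread, and not DD-WRT's actual code) contrasts an assumed substring filter with a check on the final DNS label; `example.cm` and the other sample inputs are constructed.

```python
from urllib.parse import urlsplit

BLOCKED_TLDS = {"cm"}  # the TLD the thread wants to block

def hostname_of(target: str) -> str:
    """Lower-cased hostname from a URL or bare host, without port or trailing root dot."""
    if "://" not in target:
        target = "//" + target.lstrip("/")
    return (urlsplit(target).hostname or "").rstrip(".")

def substring_block(target: str, pattern: str = ".cm") -> bool:
    """Literal substring match over the whole URL (assumed model of the router filter)."""
    return pattern in target.lower()

def tld_block(target: str) -> bool:
    """Block only when the final DNS label of the hostname is a blocked TLD."""
    labels = hostname_of(target).split(".")
    return len(labels) > 1 and labels[-1] in BLOCKED_TLDS

# Constructed test inputs; example.cm stands in for a typosquatted name.
SAMPLES = [
    "example.cm",
    "http://WWW.Example.CM./login",
    "example.cm:8080/path",
    "www.cmxxxxx.com",                      # pattern reported in the thread
    "https://example.com/files/report.cm",  # ".cm" appears only in the path
    "example.com",
]

def compare(samples=SAMPLES):
    """Return (target, substring_result, tld_result) for each sample."""
    return [(s, substring_block(s), tld_block(s)) for s in samples]

def false_positives(samples=SAMPLES):
    """Targets the substring rule blocks although the host is not under .cm."""
    return [s for s, sub, tld in compare(samples) if sub and not tld]

if __name__ == "__main__":
    for target, sub, tld in compare():
        print(f"{target:40} substring={sub!s:5} tld={tld}")
    print("false positives:", false_positives())
```

A resolver-level rule that matches on labels, such as dnsmasq's `address=/cm/0.0.0.0`, behaves like `tld_block` and avoids the `www.cmxxxxx.com` collision.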
 
Does anyone know of a relatively safe *.cm web address to test firewall settings?

EDIT: Never mind. I tested it by filtering ".edu" and testing to see if that worked. Success.
 
This works on my Asus router in the Firewall settings.
[Attached image: firewall-cm-blocked.jpg]
 