RDGAs: The Next Chapter in Domain Generation Algorithms

This Infoblox research brief describes the rise of registered domain generation algorithms (RDGAs)—algorithms actors use to mass-register domains for malicious and benign purposes—demonstrating how RDGAs differ from traditional DGAs, presenting examples and clusters (including the prolific actor “Revolver Rabbit”), historical RDGA use by Hancitor and XLoader, detection challenges, statistical scale (millions of domains / thousands of actor clusters), and a sample set of indicators of activity.