Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

Cloudflare loses 22% of its domains in Freenom.tk shutdown

A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare.
The disappearance of these websites was spotted during our monthly Web Server Survey and represents a 98.7% drop from the number of Freenom domains that were resolvable last month.
Gq TLDs are country code top-level domains for Tokelau, Central African Republic, and Equatorial Guinea.
The huge drop is likely the culmination of a series of events that started last year, when Freenom was sued by Meta for ignoring abuse complaints.
Freenom subsequently paused new domain registrations in March 2023, and Netcraft noticed a dramatic reduction in the amount of cybercrime across two TLDs that later moved away from the provider.
Finally, on 12 February 2024, Freenom announced that it had decided to exit the domain name business, including the operation of registries.
The same press release also announced that Freenom had resolved the Meta lawsuit on confidential monetary and business terms.
The affected domains represent a big loss for Cloudflare, with.
Gq previously accounting for 23.1% of all domains hosted on its platform - and nearly all of these have now gone.
Gq domains hosted by Cloudflare has fallen by 99.8% since our March 2024 Web Server Survey, leading to a noticeable 22.0% drop in the total number of all domains hosted by Cloudflare.
The.tk top level domain was the most popular of those operated by Freenom.
Last month it accounted for 16.2% of all domains hosted by Cloudflare, but very few of these were used by popular websites.
Amongst Netcraft's top million websites dataset, there were only 59 sites across 57.tk domains.
36 of these still resolve, which suggests they are paid-for domains.
To the vast majority who registered these domain names for free, their sudden disappearance came as a bit of a surprise.
Tk domains provides a good indication of when the shutdown took effect, particularly as the two largest certificate authorities - Google and Let's Encrypt - only issue domain validated certificates.
The issuance and renewal process for a domain validated certificate involves sending an HTTP request to the website it will be issued for, and so each subject domain must be resolvable for the process to succeed.
This graph shows the shutdown taking noticeable effect between 8 - 10 February 2024, crucially a few days before Freenom issued the 12 February press statement where it announced its exit from the domain name business.
The free and easily acquired domain names that Freenom used to provide were unsurprisingly attractive to criminals and were used to host many phishing sites, malware, and other types of cyberattacks.
One positive side effect of the shutdown is that the number of malicious URLs that we block on the affected TLDs has fallen by 86.9% since December 2023.

This Cyber News was published on www.netcraft.com. Publication date: Fri, 15 Mar 2024 18:13:05 +0000

Cyber News related to Cloudflare loses 22% of its domains in Freenom.tk shutdown

Cloudflare loses 22% of its domains in Freenom.tk shutdown - A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our ...
1 year ago Netcraft.com

Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
1 year ago Techtarget.com

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2025-6087 - A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package. The vulnerability stems from an unimplemented feature in the Cloudflare adapter for Open Next, which allowed unauthenticated users to proxy ...
2 months ago

CVE-2023-52998 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago

Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
1 year ago Bleepingcomputer.com

Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
1 year ago Bleepingcomputer.com

Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains - The two main advantages of detecting stockpiled domains are expanding coverage of malicious domains and providing patient-zero detections as attackers stock up on domains for future use. As of July 2023, our detection pipeline has found 1,114,499 ...
1 year ago Unit42.paloaltonetworks.com

How to Arm Yourself With CloudFlare Security Solutions - Securing your website or digital asset is a critical part of running a successful business or website. With the rise of the digital era, the need to protect yourself from cyber-attacks is essential. That's why CloudFlare, the leading cloud solution ...
2 years ago Blog.cloudflare.com

Cloudflare mitigates record number of DDoS attacks in 2025 - Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online ...
4 months ago Bleepingcomputer.com

Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
1 year ago Go.theregister.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Cloudflare hacked using auth tokens stolen in Okta attack - Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The threat actor first gained access ...
1 year ago Bleepingcomputer.com

Cloudflare R2 service outage caused by password rotation error - The absence of safeguards and validation checks for high-impact actions led to the outage, prompting Cloudflare to plan and implement additional measures for improved account provisioning, stricter access control, and two-party approval processes for ...
5 months ago Bleepingcomputer.com

InfectedSlurs Botnet Spreads Mirai via Zero-Days - The payload targets routers and network video recorder devices with default admin credentials and installs Mirai variants when successful. Until November 9, 2023, the vulnerable devices being targeted were unknown. Since both the name and the version ...
1 year ago Akamai.com

Researchers Hunted Malicious Stockpiled Domains DNS Records - Malicious stockpiled domains are the collection of domain names that threat actors acquire in advance for several types of future malicious activities like:-. While all these domains are often kept unused initially to evade detection, and then later ...
1 year ago Cybersecuritynews.com

Russia’s throttling of Cloudflare makes sites inaccessible - "As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control, and we are unable, at this time, to restore reliable, high-performance access to Cloudflare products and protected websites for Russian users in a ...
2 months ago Bleepingcomputer.com

Hackers Abuse Cloudflare Services for Sophisticated Phishing Attacks - The attacks, which began emerging in early 2025, leverage Cloudflare Workers and Pages to host malicious content that easily bypasses traditional security filters due to the trusted nature of Cloudflare’s infrastructure. Cybersecurity experts ...
5 months ago Cybersecuritynews.com

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack - To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration. Cloudflare also points out that the ...
1 month ago Bleepingcomputer.com

Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users - These malicious domains serve as landing pages for sophisticated smishing (SMS phishing) campaigns, where unsuspecting users receive text messages containing links to what appear to be legitimate services. The domains follow specific naming patterns ...
4 months ago Cybersecuritynews.com Cloak

Imperva Client-Side Protection Mitigates the Polyfill Supply Chain Attack - The recent discovery of a website supply chain attack using the cdn. Polyfill.io domain has left many websites vulnerable to malicious code injection. Once a trusted resource for adding JavaScript polyfills to websites, the domain has recently become ...
1 year ago Imperva.com

CVE-2020-25600 - An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs ...
3 years ago

Hunting for malicious domains with VT Intelligence ~ VirusTotal Blog - Please note that this blogpost is part of our #VTMondays series, check out our collection of past publications here. Many cyberattacks begin by victims visiting compromised websites that host malware or phishing scams, threat actors use domains for ...
1 year ago Blog.virustotal.com

Cloudflare Incident on January 24th, 2023 - An Overview - On January 24th, 2023, Cloudflare experienced an incident that impacted its customers globally. In this article, we will provide an overview analysis of the incident, its impacts on SEO, security, threats, etc. ...
2 years ago Blog.cloudflare.com

Cloudflare open-sources Orange Meets with End-to-End encryption - With the introduction of E2EE and the resolution of various trust and verification issues, users interested in strong cryptographic assurances can explore Orange Meets as a foundation for secure video calling in research or prototyping contexts. ...
2 months ago Bleepingcomputer.com

Cloudflare hit by data breach in SalesLoft, Drift supply chain attack - Cloudflare, a leading web infrastructure and security company, has recently been impacted by a significant data breach linked to a supply chain attack involving SalesLoft and Drift. This incident highlights the growing risks associated with ...
6 days ago Bleepingcomputer.com