Malware authors are targeting parked domains in a bid to create a wider network of compromised zombie machines. About 100 domains parked at NameDrive, one of the top 200 websites in the world, were pointed to an "ad server" serving Trojan downloader malware. This server accounted for 10 per cent of web-based malware attacks …
Aren't parked domains part of the problem?
Parked domains in themselves are a nightmare ready to spew ads and pop ups because you happened to make a typo in the address. The fact that malware has made it's way on to them is hardly surprising. To be honest I'd consider most parked domains, especially those based on misspellings of popular URLs, barely better than malware anyway. Another symptom of the fact the Internet is bedeviled with shit pipes at every turning...
There's a right way and a wrong way...
...to "park" a domain.
The right way is to direct all access to a page that says something to the effect of "this domain has been parked at $REGISTRAR. Please visit us again when the site is finished!"
The wrong way is to redirect all access to an ad farm, which, of course, encourages malicious individuals to register domains with the (incompetent or malicious - pick one) registrar, and place ads on the registrar's ad farm which then direct visitors to the malware distribution sites.
Guess which method NameDrive chose? Guess why I would never trust NameDrive with any of my dozens of domain names!
While I agree that many parked domains are misspellings used by phishers and/or the grabbings of cybersquatters to build ad farms, there are also legitimate reasons to park a domain. One is to bag it before the cybersquatters do, pending website development. As a web developer, I routinely grab a domain for a client as soon as they approach us for a job, and park it while the site is being developed.
Sometimes the client may take a few months to get organised and actually call for us to start the job, in which case hanging onto the domain ensures we have it when we need it. It also gives us some protection if another developer tries to hijack our client, since if we do the CNA (Client Needs Analysis) for them (which costs us money) and the client then decides to go to another developer we'll add the cost of the CNA to the charge for transferring the domain name to the competitor.
But yes, there is a right way and a wrong way. We park domains by pointing them at a generic "Under Construction" parking page on our server, not on an ad farm. Not just out of civic-mindedness, I'm afraid; the reason we don't show ads on parked domains is mainly because we don't want the domain coming up in search results when people google for porn!
Damn cyberquatters... nothing worse than companies which buy up domain names and then expect you to fork out upwards of USD8,000 to buy it off them.
If you register and park a domain because you mean to use it later on, fine and more luck to you... but if you register and park it with the express purpose of extorting money for it, I have no pity for you... especially since -according to ICANN - you don't OWN the domain, you only lease it.