Sunday 05 July 2026 09:21:58 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Fallback domain

An alternate server address used when a primary control channel is blocked or unavailable.

A fallback domain is an alternate server address that malware can contact if its primary command-and-control channel is blocked, sinkholed, or taken offline. It is a resilience feature: the infected device can try another domain and still reach the operator.

In cyber security, fallback domains matter because they make disruption harder. Defenders may block a known primary domain, but the malware can switch to a backup and continue receiving instructions, updates, or stolen data. Operators often hide this traffic inside ordinary-looking web requests or rotate through several domains to delay takedown. In real campaigns, including Android banking trojans, fallback infrastructure helps malware survive network filtering and user-report-driven blocking. Defenders look for domain patterns, unusual DNS lookups, and repeated contact attempts to identify and quarantine this behavior.

← WIKICROOK index