Cryptomining
Nahorney said it’s not surprising that cryptomining generated the most DNS traffic out of any individual category.
“While cryptomining is often favored by bad actors for low-key revenue generation, it’s relatively noisy on the DNS side, as it regularly pings mining servers for more work,” he said. “Cryptomining was most active early in the year, before declining until summer. This, and the gradual recovery seen in the later part of the year, largely tracks with the value of popular cryptocurrencies. As currency values increased, so too did the rate of activity.”
Some of the activity could be blocks based on policy violations, where end users attempted to mine digital currencies using company resources. In those cases, administrators would have good reason for blocking such DNS activity.
