amazon-web-services cloud cloud-security amazon-guardduty

Is it possible to block malicious domains in AWS by adding them in Threat List?

I am trying to block malicious domains through AWS Guard Duty which were being queried by some of the EC2 instances. During some research I found out, We can block only IP addresses by adding them in Threat list not the domains. So, is there any same way for blacklisting domains too ? If not, I would also like to know about any alternative idea.

The domain for which we have received alert is not even registered. Its somewhat look like this.

bpschrex***.co.in

On internet, I came across a security blog which tells us that the attacker intentionally uses unregistered domains in their malwares so that if they got a hit, they will later register the domain and gain access for their benefit.

Solution

Posting the answer to my question:

"It is not possible to block domains till date in AWS with the help of the GuardDuty Threat list. Only IPs are allowed."

How to create a size condition using AWS dynamodb-mapper-js
Unable to read text file in Glue job
Lambda Provisioned Concurrency showing 0 available. But I'm not using any
How to use AWS Secret Manger in JavaScript file hosted on ECS container
Creating a schedule expression for eventbridge using terraform
AWS RDS restoring snapshot with upgraded engine version giving error
Error with not existing instance profile while trying to get a django project running on AWS Beanstalk
Timeout when trying to retrieve EC2 instance-id metadata from within it
Lease table is not updated when new shards are added causing stale workers in KCL
libsndfile.so.1: cannot open shared object file: No such file or directory
Why does ECS binpack strategy on memory always scale up a new EC2 instance despite available resources?
How to pull every single image (tag or untagged) from AWS ECR?
In CloudFormation how can I link RDS and Secrets Manager so I don't have to hardcode the password?
Renaming AWS GraphQL Schema Types
How to install postgresql-client to Amazon EC2 Linux machine?
PyCharm: Why "Python Console" is not accessing ~\.aws\credentials file? How to set it within "Python Console"
Is it possible to run aws s3 sync with boto3?
Python 3 asyncio with aioboto3 seems sequential
Serverless / AWS Lambda - Create the triggers for the published lambda versions
AWS Glue missing permissions
Invoking lambda from API gateway test, but hitting the endpoint does not invoke the lambda. 500 returned
terraform destroy needs original terraform code to destroy?
AWS CDK Change S3 deployment folder lifecycle time
How to correctly/safely access parameters from AWS SSM Parameter store for my Python script on EC2 instance?
Why is my image not displaying on my Web page?
How to copy blobs from azure to aws using python?
S3 Bucket action doesn't apply to any resources
Couldn't proceed with upgrade process as new nodes are not joining node group standard-workers
How to customize "From" name for SNS emails
Changing the name of a Load Balancer on AWS Console