How is DynDNS a threat when abused as part of malware campaigns?

Read on the backgrounds: https://www.alienvault.com/blogs/security-essentials/dynamic-dns-security-and-potential-threats

Dynamic DNS itself isn’t malicious, but it could be a sign of other problems, absuses or threats to your network’s security,
so we should always be on the look-out for this when we find this alerted.

Example: https://urlquery.net/report/3ffb08a8-fa24-43b9-a134-3cc70fff41cd

In this case no malware detected: https://www.virustotal.com/nl/url/bb0e83dce4694c2274288cbab8e7f3ea7a8ba58d78101d612fdb4f33deea0ade/analysis/1515158573/

polonus

Update:

A recent example of such an address detected: https://urlquery.net/report/9c4b8721-a4b2-41e1-bd9b-7f8cd17e25a3

Also read: https://www.alienvault.com/blogs/security-essentials/dynamic-dns-security-and-potential-threats (info credits go to Tony Robinson)

Host in this case for this domain is -bitk.dnsalias.com → https://forums.malwarebytes.com/topic/217120-dnsaliasorg/
https://news.softpedia.com/news/DynDNS-Abused-by-Malware-Pushers-147269.shtml

polonus