Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong
By Nick McMaster,  Newser Staff
Posted Dec 11, 2007 8:48 PM CST
DNS server-based phishing attacks are very effective at stealing passwords.   (shutter stock)
camera-icon View 1 more image

(Newser) – The misdirection of “open-recursive” DNS servers, which facilitate web-surfing by translating verbal domain names into numerical IP addresses, is the new, more covert face of cyber-criminality, and could explode into a new wave of phishing attacks, IDG News reports. Hackers can use these types of DNS servers to redirect a web user to pages of their choosing, regardless of the web address they entered.

DNS server misdirection itself is not new, but attacks are now coordinated with web- or email-based malware, which changes a Windows registry setting so that an individual's computer can only visit DNS servers compromised by the criminals. With that control, they can subtly, perhaps only occasionally send a user to fake sites—such as during an online banking session—or simply hijack their entire Internet experience.