Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

By Nick McMaster, Newser Staff

Posted Dec 11, 2007 8:48 PM CST

(Newser) – The misdirection of “open-recursive” DNS servers, which facilitate web-surfing by translating verbal domain names into numerical IP addresses, is the new, more covert face of cyber-criminality, and could explode into a new wave of phishing attacks, IDG News reports. Hackers can use these types of DNS servers to redirect a web user to pages of their choosing, regardless of the web address they entered.

DNS server misdirection itself is not new, but attacks are now coordinated with web- or email-based malware, which changes a Windows registry setting so that an individual's computer can only visit DNS servers compromised by the criminals. With that control, they can subtly, perhaps only occasionally send a user to fake sites—such as during an online banking session—or simply hijack their entire Internet experience.

DNS server-based phishing attacks are very effective at stealing passwords. (shutter stock)

Phishing attacks involve the theft of personal information. (Shutter stock)

« Prev« Prev | Next »Next » Slideshow

To report an error on this story, notify our editors.

More Newser Stories

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

(NEWSER) - Security researcher Dan Kaminsky outlined what he calls the biggest Internet security hole since 1997 to a gathering of experts yesterday, and it's a lot worse than had been understood, Wired reports. “Every network is at risk,” Kaminsky said at the Black Hat conference in Las Vegas. "That's what this flaw has shown." The bug, a hole in the Domain Name Service, has wider implications than anyone realized when word of it leaked last month, Kaminksy said. More»

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

(NEWSER) - Hackers managed to break into the servers of a crucial web company responsible for delivering users to more than half the websites in the world. VeriSign doesn't believe the attackers infiltrated its Domain Name System network—which is responsible for directing traffic to .com, .net, and .gov addresses on the Internet—but it can't rule it out. The attacks occurred in 2010, but only came to light today, when Reuters spotted them in an October SEC filing. More»

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

(NEWSER) - The Internet is getting a makeover. Starting Thursday, the web will make a big step in moving way beyond dot-com , dot-net, and the like. For the first time since 2000, ICANN, the administrator of Internet addresses, will begin taking applications for a huge range of new top-level domain names. Now, companies large and small are racing to cash in on the transition, the Wall Street Journal reports. They're ready to pay the $185,000 application fee to become "registry holders" and control the letters to the right of the dot. More»

Internet Boots WikiLeaks—Temporarily

Julian Assange's site moves to Switzerland

(NEWSER) - WikiLeaks' US domain host terminated its account last night, making the website inaccessible for the third time in a week ... but it's already back online. EveryDNS, which had hosted the wikileaks.org domain name for 4 years, said the site has become the target of multiple denial-of-service attacks, threatening EveryDNS's infrastructure, Gawker reports. But hours after being booted, WikiLeaks announced a move to a company in Switzerland and tweeted its new URL, CNN reports. More»

iTunes Hackers Emptying PayPal Accounts

Phishing scam may be to blame

(NEWSER) - Fraudsters targeting iTunes users have been emptying PayPal accounts with large purchases of music, videos, and software from the Apple site. Users—some of whom have lost thousands of dollars in unauthorized charges billed to their account—complain that Apple seems to be unconcerned about the problem, TechCrunch reports. More»

NEWS FROM OUR PARTNERS

What is Newser?

Face it: there's too much news. At Newser, we choose the most thought-provoking and entertaining stories from hundreds of US and international sources and reduce them to a headline, picture, and two paragraphs. And we do it 24/7—you can come back morning, noon, night (and in between) for something new that matters. Read less, know more.

Learn more »

Partnering with: Slate

View Newser on the mobile website

Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

OTHER STORIES ON OUR RADAR

domain names • phishing • Internet domains • cybercrime • DNS

MOST POPULAR STORIES

[ By Views ]

[ By Comments ]

More Newser Stories

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

Internet Boots WikiLeaks—Temporarily

Julian Assange's site moves to Switzerland

iTunes Hackers Emptying PayPal Accounts

Phishing scam may be to blame

About Us

Site

Newser By Users

Community

Site Maps

Tools

More News

What is Newser?

Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong

Bookmark & Share

OTHER STORIES ON OUR RADAR

domain names • phishing • Internet domains • cybercrime • DNS

MOST POPULAR STORIES

[ By Views ]

[ By Comments ]

More Newser Stories

'Every Network Is at Risk' Thanks to Bug

Security expert says DNS flaw could cause Internet-wide chaos

Hackers Hit Internet Giant VeriSign

Firm is responsible for delivering people to more than half of all websites

Coming This Week: Dot-Anything

Domain name possibilities to explode on Thursday

Internet Boots WikiLeaks—Temporarily

Julian Assange's site moves to Switzerland

iTunes Hackers Emptying PayPal Accounts

Phishing scam may be to blame

About Us

Site

Newser By Users

Community

Site Maps

Tools

More News

What is Newser?