Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong
By Nick McMaster,  Newser Staff
Posted Dec 11, 2007 8:48 PM CST
Latest Domain Name Hack Disguises Its Danger
DNS server-based phishing attacks are very effective at stealing passwords.   (shutter stock)

The misdirection of “open-recursive” DNS servers, which facilitate web-surfing by translating verbal domain names into numerical IP addresses, is the new, more covert face of cyber-criminality, and could explode into a new wave of phishing attacks, IDG News reports. Hackers can use these types of DNS servers to redirect a web user to pages of their choosing, regardless of the web address they entered.

DNS server misdirection itself is not new, but attacks are now coordinated with web- or email-based malware, which changes a Windows registry setting so that an individual's computer can only visit DNS servers compromised by the criminals. With that control, they can subtly, perhaps only occasionally send a user to fake sites—such as during an online banking session—or simply hijack their entire Internet experience. (Read more DNS stories.)

We use cookies. By Clicking "OK" or any content on this site, you agree to allow cookies to be placed. Read more in our privacy policy.
Get the news faster.
Tap to install our app.
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.