Latest Domain Name Hack Disguises Its Danger

Can secretly steer Windows users wrong
By Nick McMaster,  Newser Staff
Posted Dec 11, 2007 8:48 PM CST
Latest Domain Name Hack Disguises Its Danger
DNS server-based phishing attacks are very effective at stealing passwords.   (shutter stock)

The misdirection of “open-recursive” DNS servers, which facilitate web-surfing by translating verbal domain names into numerical IP addresses, is the new, more covert face of cyber-criminality, and could explode into a new wave of phishing attacks, IDG News reports. Hackers can use these types of DNS servers to redirect a web user to pages of their choosing, regardless of the web address they entered.

DNS server misdirection itself is not new, but attacks are now coordinated with web- or email-based malware, which changes a Windows registry setting so that an individual's computer can only visit DNS servers compromised by the criminals. With that control, they can subtly, perhaps only occasionally send a user to fake sites—such as during an online banking session—or simply hijack their entire Internet experience. (More DNS stories.)

Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X