Computing News | DNS Hacks: 'Phishing 2.0'

Latest News | News Archive |

Posted by: Tweaker
Date added: Monday, 13 Oct 2008 GMT
Source: Yahoo News

Researchers at Google and the Georgia Institute of Technology are investigating a "virtually undetectable" form of attack that will quietly direct unsuspecting Internet users to phishing websites and other scams. According to IDG News, an upcoming study will investigate a new generation of phishing attack wherein code hijacks a user's DNS settings, directing them to hacked open recursive DNS servers and scam websites.

As far as we can tell this isn't really new, as scammers have been mucking with user DNS settings for at least four years. It's the coordinated level of sophistication that worries researchers. From the report:

Here's how an attack would work. A victim would visit a Web site or open a malicious attachment that would exploit a bug in his computer's software. Attackers would then change just one file in the Windows registry settings, telling the PC to go to the criminal's server for all DNS information. If the initial exploit code was not stopped by antivirus software, the attack would give attackers virtually undetectable control over the computer.

According to the researchers, as many as 0.4 percent, or 68,000 open-recursive DNS servers are now "behaving maliciously," returning false answers to DNS queries.

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]