Forbes reports that a massive security hole has been
discovered in the base design of DNS addressing on the internet. They quote Ken
Silva, chief technology officer for VeriSign who manages dotcom and dotnet
addressing on the internet. Ken says: "There’s a bunch of money on the street.
If you can get over there soon enough, you can get it."
What is the
Forbes say that criminals have found a way to add incorrect
information to data moving around DNS servers. As a result, "hackers can swap
out the address of a legitimate Web site and insert the address of their
malicious Web site instead." This then allows the criminals to redirect
internet surfers from the website they want to a non-bona fide website.
The first example of this in practice was an attack on AT&T’s
website that redirected to Google and automatically sent clicks to Google Ads,
with the profits of those clickthrough going to the criminals.
watch out if you’re running an internet banking service as this is now
public domain, and could be a major security exposure during this quiet