Leading Brazilian Bank in Grip of DNS Cache Poisoning Attack

In a latest cyber attack, the customers of one of the biggest banks of Brazil, Bandesco, are being redirected to fake websites, reports The Register on April 22, 2009. This redirection is due to an attack dubbed "DNS cache poisoning attack", targeting Brazil's Internet service provider, NET Virtua.

As per the security experts, attack of DNS cache poisoning abuse the vulnerabilities in the domain-name system of Internet. Internet Service Providers whose systems are unpatched against the flaws are likely to face these attacks. DNS cache poisoning attacks replace the authentic IP address of a website with a phony number. Then the user relying on lookup service is directed to malicious sites, although he would have typed in correct name into the browser.

This attack is aimed at implanting malicious codes into the unpatched PCs of users and secretly obtaining the passwords. When users make attempts to login to a site, a bogus login page opens and asks for their personal details. Apart from the usual information asked by bank, this fake and criminal-operated web page seeks for other details also that, by no means, are necessary, like CPF account of the users.

Paul Ferguson, security researcher at Trend Micro, stated that the matter becomes even more critical when it comes to a banking institution, as reported by The Register on April 22, 2009.

According to reports, nearly 1% bank customers have fallen victim of the attack. NET Virtua officials revealed that the attacks commenced on April 4, 2009; however, the Internet service provider, NET Virtua, has confirmed that the problem has now been resolved.

Security experts noted that this technique of attack has been prevailing since mid-1990s, when it security researchers found that DNS resolver could be bombarded with bogus Internet Protocol addresses. This attack, being a highly sophisticated attack, is difficult to get rid of. However, this attack is not always successfully launched, but whenever it is successful, it proves extremely efficient.

The attack can smartly divert the user traffic to malicious websites, which are proficient in implanting malicious code or in disguising as a trusted bank or any other reliable financial institution; thereby, stealing the users' confidential account details.

Related article: Leading anti-spam Organizations Come Together To Fight Spam

» SPAMfighter News - 23-04-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial