Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

DNS Servers Hijacking Traffic to Fraudulent Sites, Galore

According to the researchers of Google Inc. and the Georgia Institute of Technology, there are over 68,000 fake DNS (Domain Name System) servers online that divert traffic from corrupt computers to bogus Websites. The researchers revealed this fact in their paper published in the second week of February 2008.

The paper that went through peers' review offers a broad measurement to determine the number of fake DNS servers. It was formally introduced at the San Diego Network and Distributed System Security Symposium of Internet Society on February 11, 2008.

The researchers explained that for a DNS scam to work, a computer must have a virus change DNS settings so that it can redirect users to the malicious server. The researchers also said that in the hijacking of DNS servers, DNS queries look for private information ranging from login credentials for e-mail to credit account data by taking over the infected systems.

Introducing their paper, the researchers said that the DNS system is a crucial component of the infrastructure of Internet. Internet infrastructure is used to ensure that computers know the method of communicating within a network. Normally, users of ISPs automatically use the DNS servers of Internet providers, however, in the recent attack, configurations on the victims' computers are modified to divert traffic towards phony DNS servers.

Attacks involving manipulation of DNS queries aren't new. Financially motivated hackers possess a high stimulus to control users' behavior online. Here, the paper marked the point that fake DNS servers don't necessarily give fake results. This is just the method used to fool users who believe that they are working properly on the Internet, the researchers explained.

Still, majority of the up-to-date antivirus systems block and expel the DNS viruses. If a computer is infected, then it needs to go through a scan by the latest anti-malware and have its DNS settings changed back to the original form.

Giving his views on the research thesis, Threat Researcher Paul Ferguson of Trend Micro Inc, a security vendor, said that many people fail to realize the severity of hijacking of DNS servers, as reported by the Associated Press on February 13, 2008.

Related article: DNS Servers Not Free of Vulnerability

ยป SPAMfighter News - 25-02-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next