Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

DNS Servers Hijacking Traffic to Fraudulent Sites, Galore

According to the researchers of Google Inc. and the Georgia Institute of Technology, there are over 68,000 fake DNS (Domain Name System) servers online that divert traffic from corrupt computers to bogus Websites. The researchers revealed this fact in their paper published in the second week of February 2008.

The paper that went through peers' review offers a broad measurement to determine the number of fake DNS servers. It was formally introduced at the San Diego Network and Distributed System Security Symposium of Internet Society on February 11, 2008.

The researchers explained that for a DNS scam to work, a computer must have a virus change DNS settings so that it can redirect users to the malicious server. The researchers also said that in the hijacking of DNS servers, DNS queries look for private information ranging from login credentials for e-mail to credit account data by taking over the infected systems.

Introducing their paper, the researchers said that the DNS system is a crucial component of the infrastructure of Internet. Internet infrastructure is used to ensure that computers know the method of communicating within a network. Normally, users of ISPs automatically use the DNS servers of Internet providers, however, in the recent attack, configurations on the victims' computers are modified to divert traffic towards phony DNS servers.

Attacks involving manipulation of DNS queries aren't new. Financially motivated hackers possess a high stimulus to control users' behavior online. Here, the paper marked the point that fake DNS servers don't necessarily give fake results. This is just the method used to fool users who believe that they are working properly on the Internet, the researchers explained.

Still, majority of the up-to-date antivirus systems block and expel the DNS viruses. If a computer is infected, then it needs to go through a scan by the latest anti-malware and have its DNS settings changed back to the original form.

Giving his views on the research thesis, Threat Researcher Paul Ferguson of Trend Micro Inc, a security vendor, said that many people fail to realize the severity of hijacking of DNS servers, as reported by the Associated Press on February 13, 2008.

Related article: DNS Servers Not Free of Vulnerability

ยป SPAMfighter News - 2/25/2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next