You may be the victim of a major phishing scam that exploits a flaw in the backbone of the web addressing system and not even be aware of it – typing the desired URL directly into your browser could potentially lead you to a fake webpage, said Dan Kaminsky, a security researcher at IOActive.
A few months ago Kaminsky found that a Domain Name System (DNS) vulnerability was leaving internet users at risk to phishing attempts.
Several global software and hardware heavyweights, including Microsoft, have been working on effectively creating a security patch for the web since they were alerted to this security hole.
The DNS is like a middleman and is what links up the web address you are accessing with its unique numerical address. The flaw means hackers could redirect the www address to their own site, which could pose as an eBay, Amazon or banking portal and accept your credit card information.
This kind of hacking particular to a DNS vulnerability is known as ‘cache poisoning’. While vulnerabilities vary technically, the hacker will trigger them in the same fashion by sending “specially crafted DNS queries or responses”, poisoning the cache with arbitrary IP addresses, said the WatchGuard LiveSecurity bulletin from US-based WatchGuard Technologies.
Although this kind of attack is not new, the difference this time is that it is exploiting vulnerability present in Windows Exchange, SQL Server andDomain Name System (DNS) server, as well as client software, according to PC Advisor, which makes it a big concern.
If the DNS server belonging to your ISP (internet service provider) was compromised this would mean when your computer sent a request to the ISP to direct it to the numerical address, the hack would intervene and send it off in a wrong direction.
According to WatchGuard LiveSecurity, the severity of these vulnerabilities are medium and affect all version of Windows. It warns that the worst case scenario is an attacker can gain complete control of your Windows computer.
By Marie Boran