Domain Poisoning Attack Might Be Underway, But, No One Can Find It
from the that's-comforting... dept
There are rumors going around that there’s some sort of malicious attack going on concerning some DNS servers. Unfortunately, it’s all speculation at this point, and there doesn’t seem to be any evidence other than lots of whispering, and increased traffic to some malicious sites that install spyware. Some believe that one of two things is happening: either DNS cache poisoning (by hacking in and changing a DNS server cache to point people to the wrong domains) or DNS hijacking (changing the actual DNS server to point people to the wrong sites). Some more confirmation on this issue would be nice, but, in the meantime, watch where you’re surfing… you might not end up where you thought you were going.
Comments on “Domain Poisoning Attack Might Be Underway, But, No One Can Find It”
new HOSTS file
If someone managed to replace the HOSTS file on a windows box, it’d be easy enough to point users to the wrong machine.