DNS Piracy Claims from Dutch Tech Mag

3 comments
Thread Title:
Internet Storm Center's "Handler's Diary" for 2/2/05
Thread Description:

Is it April 1 in some timezone I'm not aware of?

The Handler's Diary at SANS Internet Storm Center is reporting on an article appearing in a new Dutch tech magazine "Bright".

The article details a "super secret group of k-rad organized hackers subtly herding innocent web surfers away from their intended targets" by a DNS exploit that is redirecting millions of users.

Supposedly the owner of a porn portal was approached and offered "a million hits" for $1000. To demonstrate, the "salesman" asked the owner of the site for his IP, and sent him to Google. The minute he clicked "Search", he was redirected to the site.

As the diary points out, it's kind of hard to imagine a DNS exploit acting this way (perhaps a malware infected "prospect" was being manipulated?), but apparently other media outlets are starting to pick up the story and spread it like mad...

It'll be interesting to see what spin goes on this. If it comes out as "Search on Google, get Porn Site", it'd sure be a great time to launch a competing search site...

Comments

Weird...

Sounds rather sensationalist doen't it?

What is SANS meta4ic? I've never seen it before...

SANS

Actually, I'm not terribly sure what all SANS does.

Their "Internet Storm Center" has been a good source of daily "head's up" alerts for exploits though.

I've been following them for about a year, and my guess is they've saved my butt more than a few times :-) Most recently, with an alert on the awstats exploit the other day...

They also have daily stats of what ports are being probed most, which attacks are on the rise, which dropping off, etc.

SANS Institute (Systems Admin

SANS Institute (Systems Administration Networking and Security). One of the "big three" professional certification organizations for information security professionals, apparently!

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.