The Internet is becoming a dangerous place day-by-day and especially for
those innocent web users who rely on 3rd party services. The latest bad
news is that the World's largest and most widely used Google's free
public DNS (Domain name system) resolvers raised security red flags yesterday.
DNS is the master address list for the Internet, which translates IP
addresses into human readable form and vice versa. According to Internet
monitoring firm BGPmon, Google's DNS server 8.8.8.8/32 was hijacked yesterday for 22 minutes.
The Google's DNS server handles around 150 billion queries a day and
during the 22 minutes of hijacking, millions of Internet users,
including Financial institutions,
Governments were redirected to BT’s (British multinational
telecommunications services company) Latin America division in Venezuela
and Brazil.
It is suspected that Hackers exploited a well-known vulnerability in the so-called Border Gateway Protocol (BGP), which is used to exchange data between large service providers, and hijacking could allow the attackers to simply re-route the traffic to a router they controlled.
BGP attack is the man-in-the-middle attack at large scale and harder to detect, as the traffic still reaches its legitimate destination and which was first demonstrated in 2008 by two security researchers - Tony Kapela and Alex Pilosov.
It's not the first time when Google Public DNS service has been
hijacked. In 2010, DNS server traffic was hijacked and redirected to
Romania and Austria.
0 comments:
Post a Comment