Finjan Inc., a web security company, has released reports today on hackers and cyber-criminals using typosquatted domain names to infect visitors to legitimate websites and increase the lifecycle of cyber-attacks. Leveraging the similarity to legitimate and frequently used domain names is successfully enabling these attackers to go unnoticed by webmasters and security solution providers.
From the report: "The abuse of trusted domain names attack vector was spotted during October by Finjan's Malicious Code Research Center (MCRC) when searching for popular services with a slight change of the top level domain. When Finjan's MCRC investigated http://go*gle-stat******.org (where * has obscured some of the characters of the domain) it was found that it took advantage of a domain name similar to a legitimate popular service, which contains malicious code that is designed to download and execute a Trojan on the visitor's machine. The malicious code itself is located on the abused domain name." Further research on the location of the domain name hosting the malicious site, also revealed another interesting finding: "The code was located on a trusted controlled IP address".
Read full story: External Source
Related topics: Cyberattack, Cybercrime, Cybersquatting, DNS, Domain Names, Law, Security
To post comments, please login or create an account.
MobileSponsored bydotMobi | |
DNS SecuritySponsored byAfilias | |
IPv6Sponsored byNominum | |
DNSSponsored byNeustar UltraDNS | |
SecuritySponsored byVerisign | |
Top-Level DomainsSponsored byMinds + Machines |
That press release ranks right up there with releases like
* The pope is catholic! News at 11
* Bears do crap in the woods, parks official confirms