A Worldwide Hacking Spree Uses DNS Trickery to Nab Data (Wired)

["DAVID FARBER" <dfarber () me com>]

Begin forwarded message:

> From: the keyboard of geoff goodfellow <geoff () iconia com>
> Date: January 21, 2019 at 6:40:23 AM GMT+9
> To: Interesting Stuff list <is () iconia com>
> Subject: IS: A Worldwide Hacking Spree Uses DNS Trickery to Nab Data (Wired)
>
> EXCERPT:
> Iranian hackers have been busy lately, ramping up an array of targeted attacks across the Middle East and abroad. And 
> a report this week from the threat intelligence firm FireEye details a massive global data-snatching campaign, 
> carried out over the last two years, that the firm has preliminarily linked to Iran.
>
> Using a classic tactic to undermine data security as it moves across the web, hackers have grabbed sensitive data 
> like login credentials and business details from telecoms, internet service providers, government organizations, and 
> other institutions in the Middle East, North Africa, Europe, and North America. FireEye researchers say the targets 
> and types of data stolen are consistent with Iranian government espionage interests—and that whoever is behind the 
> massive assault now has a trove of data that could fuel future cyberattacks for years.
>
> “It’s consistent with what we’ve seen Iran do before and the signs point there, but we just wanted to get this out 
> because it is affecting dozens of entities,” says Ben Read, senior manager of cyber-espionage analysis at FireEye. 
> “We have not seen the last of this.”
>
> To siphon off so much sensitive data from dozens of targets, the attackers have used variations on the technique 
> known as DNS hijacking. This method takes advantage of weaknesses in the foundational protocols underpinning the 
> internet to divert data into the hands of attackers.
>
>
> When you load a website in a browser or use a web service, you receive the right content from the right web server 
> because of a behind-the-scenes process of “Domain Name System” checks. Essentially the internet version of phonebook 
> lookups, DNS servers reveal the path a browser or service needs to take to connect with its intended destination.
>
> Think of it this way: If you change other numbers in the phonebook to your own, or manipulate infrastructure so a 
> bunch of other numbers also ring on your line, you can listen in on all sorts of calls without your targets 
> necessarily realizing that anything is wrong.
>
> In the case of the massive DNS hijacking spree FireEye found, hackers have been manipulating DNS records since 
> January 2017 to intercept email data, usernames, passwords, and details about organizations’ web domains...
>
> [...]
> https://www.wired.com/story/iran-dns-hijacking/
>
> -- 
> Geoff.Goodfellow () iconia com
> living as The Truth is True
> http://geoff.livejournal.com  
>
>
> This message was sent to the list address and trashed, but can be found online.



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20190120173439:90B1763C-1D03-11E9-A590-A2B4850BDB98
Powered by Listbox: https://www.listbox.com