[WEB SECURITY] Attack via Domain hijacking

MustLive mustlive at websecurity.com.ua
Wed Feb 9 16:54:55 EST 2011


Hello participants of Mailing List.

In this post I'll tell you about attacks via Domain hijacking, which I wrote
about last week (http://websecurity.com.ua/4891/).

In last years new way of attacks on sites have appeared - it's attack on web
site via hijacking of a domain. It is known in previous years, but in recent
years there is increase of such attacks (particularly in 2009-2011 there
were few such attacks on well-known companies). So in my article I'm drawing
attention to this type of attack and presenting an examples of such attacks.

Last noted incidents (most of which concern with Google):

1. Attack on Google's site google.co.ma.

In May 2009 there was an attack on google.co.ma via changing of DNS
settings. Before it (in April) similarly were attacked Google's sites
google.dz and google.com.pr.

2. Deface of Google's site google.com.bd.

At beginning of January 2011 site google.com.bd was defaced via taking of
control on domain.

3. Hijacking of domain of ChronoPay.

At the end of December 2010 site of ChronoPay was hacked. Which I already
told about in the list recently
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007508.html).
Owners of processing company told, that the site was not hacked by itself,
but it was temporary domain hijacking.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua






More information about the websecurity mailing list