Several websites infected with DNS malware

Dec 12, 2007 06:58 GMT

Let's suppose you have a bank account with online support, and you want to connect to the Internet and check your account. Simple as taking candy from a baby! Obviously, you load the official website of the bank and enter your login credentials. After a certain period of time, you notice that your account is empty and there's no sign of your money. 'How was that possible?' you may ask. Well, you were actually a victim of an online scam courtesy of malware writers, who were attempting to modify the DNS settings of the webservers in order to send the visitors to other pages. All they needed to do next was to create a copy of the bank's website (or create any other page full of adverts or adult material) and change the DNS of the genuine page, in order to take the visitors to the fake website. Just like a phishing attempt, but stronger and more difficult to notice.

A group of researchers has recently written a paper entitled "Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority", scheduled to be released in February; it aims to underline the dangers of DNS attacks, a new trend when it comes to web scams. According to "The Register", the researchers from Google and the Georgia Institute of Technology found approximately 400,000 websites "to give incorrect information".

"Instead of having to write an elegant rootkit or a clever buffer overflow or wait for a vulnerability to be found and pounce, the malware writers are saying: 'We'll rewrite people's DNS settings.' It's a crime with few witnesses", David Dagon, one of the researchers who co-authored the study, said, according to "The Register". "From the user's perspective, it looked like the Internet was working just fine - except that a different group of people made money off the ads, and search results could be altered."

According to the researchers, some of the attacked websites were owned by Bank of America and Whitehouse.gov, two popular pages that handle very important consumer information.