



A significant new security vulnerability has been found in the DNS protocol by a group of Israeli students from the Technion’s Department of Computer Sciences, which allows the attackers to redirect users to a website they control.



The Technion Students, Roee Hay and Jonathan Kalechstein from the Faculty of Computer Science, The Technion Students, Roee Hay and Jonathan Kalechstein from the Faculty of Computer Science, discovered a Loophole in Security of the DNS Protocol whichallows attackers to be redirected to a bogus website while they are trying to visit a legitimate one.





What is DNS?









Dr. Gabi Nakibly. explains the process as follows,

“During the resolution of name to IP address, DNS servers look for the server storing the corresponding IP address,” “The weakness that the students found allows hackers to compel a DNS server to connect with a specific server chosen out of a set of potential servers. If that server is controlled by the attacker, that DNS server will receive a false IP address. This type of cyber attack gives hackers an advantage, by causing computers to ‘talk’ with network stations that they alone control without being able to detect the occurrence of the fraud.”

“Since this is a complex attack chances are hackers won’t use it. Still, it’s always important to protect yourself before entering important websites like banks, health clinics and so on, in addition to making online credit-card payments as secure as possible. The best means of defense is to verify the website’s digital signature. Any self-respecting website has a digital signature, you can check it using your browser and make sure it’s real,” said AlonGoldfiz, senior systems engineer at Fortinet..

What to DO?

Image:- THN

After the discovery of the major vulnerability "Heartbleed" on the Open SSL, many of the organisation is being found a victim of the vulnerability. Two days before another major vulnerability dubbed as Covert Redirect were reported on the authentication OAuth and OpenID. But this may not the end till yet, as another security vulnerability is being reported.DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. The DNS translates Internet domain and host names to IP addresses . DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites.The researchers have discovered a way to force DNS servers for asking information to a specific server controlled by attackers that could respond with fake IP addresses.With the vulnerability, attacker can redirect the mass number of users to the to a website they control to serve a malware or a phishing website to steal the users information.“We were very surprised to find a loophole in the protocol,” “We reported it to the authorities responsible for its implementation, they responded that they were unaware of this problem, and added that they will replace the algorithms in the next software version release.” commented said Kalechstein.As the discovery was a result of the research conducted by the Students at Technion, security experts haven’t observed attacks exploiting the flaw.Till yet a patch of the vulnerability is not been released, so users are advised to check the URL of the visiting link and also check the URL of the page which asked for any credentials. And for malicious page, keep your antivirus or anti malware program update and also you can install the various browser extension of the antivirus.