Here’s another interesting article from ITProPortal titled: Hacker groups pursuing government domain names
Imagine typing in a federal government web address and ending up on a site that looks like a federal government site, acts like a government site, but steals your data.
That’s essentially what happened recently to Arab governments, but also to federal government websites, intelligence agencies, telecommunications companies and internet giants in 13 countries, for more than two years.
The ominous news was confirmed by two cybersecurity companies, Cisco’s Talos and FireEye. They claim that two different entities, one of which might be state-sponsored, are doing the dirty work.
They dubbed them DNSpionage and Sea Turtle (who comes up with these names, really?).
The attack revolves around DNS hijacking. Hackers first use spear phishing to compromise a target and get into a network. Then they scan the network for vulnerabilities, targeting web servers and routers, which allows them lateral movement throughout the network. They collect passwords along the way.
Then, using the credentials they have obtained, they target the organisation’s DNS registrar. They update the registrar’s records so that the domain points to a server that’s under the hackers’ control.
And boom, there you have it. One moment you’re on a federal government website, the next a group of hackers is sniffing through your data.
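A defensive check for the record change described above, as an added example that is not part of the original article: it compares observed NS and A answers for a domain against a pinned baseline and flags anything unexpected. The domain, name servers, addresses, timestamps and function names are all constructed for illustration.

```python
# Added example: flag DNS answers that drift from a pinned baseline.
# All domains, name servers, IPs and timestamps are constructed sample data.

def normalize(rtype, value):
    """Hostnames compare case-insensitively and without the trailing dot."""
    value = value.strip()
    return value.lower().rstrip(".") if rtype == "NS" else value

def detect_drift(baseline, observations):
    """Return one alert per observation holding values not in the baseline."""
    alerts = []
    for obs in observations:
        rtype = obs["rtype"]
        expected = baseline.get(obs["domain"], {}).get(rtype)
        if expected is None:
            continue  # this record type is not pinned for the domain
        expected = {normalize(rtype, v) for v in expected}
        seen = {normalize(rtype, v) for v in obs["values"]}
        unexpected = sorted(seen - expected)
        if unexpected:
            alerts.append({
                "time": obs["time"],
                "domain": obs["domain"],
                "rtype": rtype,
                "unexpected": unexpected,
                # A changed delegation redirects every name under the domain.
                "severity": "critical" if rtype == "NS" else "high",
            })
    return alerts

BASELINE = {"ministry.example": {
    "NS": {"ns1.dns-host.example", "ns2.dns-host.example"},
    "A": {"192.0.2.10"},
}}

OBSERVATIONS = [  # constructed resolver snapshots, oldest first
    {"time": "T0", "domain": "ministry.example", "rtype": "NS",
     "values": ["NS1.dns-host.example.", "ns2.dns-host.example."]},
    {"time": "T0", "domain": "ministry.example", "rtype": "A",
     "values": ["192.0.2.10"]},
    {"time": "T1", "domain": "ministry.example", "rtype": "NS",
     "values": ["ns1.unknown-host.example.", "ns2.unknown-host.example."]},
    {"time": "T1", "domain": "ministry.example", "rtype": "A",
     "values": ["203.0.113.66"]},
]

if __name__ == "__main__":
    for alert in detect_drift(BASELINE, OBSERVATIONS):
        print(alert)
```

In practice the observations would come from resolvers outside the monitored network, since a check run only from inside may not see what the public sees.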
Talos says Netnod was compromised in this manner by Sea Turtle, and Netnod confirmed it. This is a Sweden-based DNS provider, and one of the 13 root servers that power the global DNS infrastructure.
We don’t know exactly who was under attack, but we do know that hackers targeted Armenia, Egypt, Turkey, Sweden, Jordan and the United Arab Emirates.