Domain Name System Hijacking Emerges As New Phishing Tactic
Being a Canadian content site, I don’t often bring in “news from the outside” but I feel that this security release is of huge importance. How many of us have received fake emails about our Blizzard accounts – not that I have one, but I still get them – and I feel that this needs to be shared.
Tacoma’s IID (Internet Identity) has released its Fourth Quarter eCrime Trends Report that revealed evidence cyber-criminals are now using domain name system (DNS) hijackings to steal critical personal information like credit card numbers. According to IID, criminals hijacked ChronoPay.com, Russia’s largest payment processor – and one of the largest payment processors in Europe – for several hours on December 25 and 26 via DNS hijacking. By redirecting the ChronoPay domain to a bogus payment site, the attackers collected at least 800 credit card numbers from customers attempting to submit payments with ChronoPay.
While we’ve been warning for years that DNS hijackings could result in financial disaster, we hadn’t seen such a well-planned and successful attack of this nature until this incident,” said IID President and CTO Rod Rasmussen. “With ChronoPay, our worst fears came true. Unlike the recent DNS hijackings of Twitter, Baidu and others, with ChronoPay we have confirmation that people’s vital information was stolen without them being aware of it.”
As the translator between domain names and IP addresses, DNS is the glue that holds everything together on the Internet, from keeping time to conducting transactions to transmitting messages to sharing corporate and consumer data. By hijacking these DNS translations, attackers can drive unsuspecting surfers and corporate users to malicious sites, making large parts of the ‘Net largely insecure. They can also intercept corporate e-mail, financial transactions, and other highly sensitive data and personal information.
Other detailed findings of IID’s report include:
* Phishing attacks impersonating gaming companies increased 489 percent from Q4 2009 to Q4 2010.
* Overall phishing attacks went up 14 percent from Q4 2009 to Q4 2010.
* Phishing attacks impersonating e-commerce companies jumped over the holiday season. In all, these attacks increased 13 percent from Q3 to Q4 2010.
Sources of data and background for the IID 2010 Fourth Quarter eCrime Trends Report include IID’s own security experts and some of the world’s leading security and Internet infrastructure organizations like ICANN and APWG.
