Pharming is the exploitation of a vulnerability in the DNS server software that allows a hacker to acquire the domain name for a site, and to redirect that website's traffic to another web site. DNS servers are the machines responsible for resolving internet names into their real addresses - the "signposts" of the internet.
If the web site receiving the traffic is a fake web site, such as a copy of a bank's website, it can be used to "phish" or steal a computer user's passwords, PIN or account number. Note that this is only possible when the original site was not SSL protected, or when the user is ignoring warnings about invalid server certificates.
For example, in January 2005, the domain name for a large New York ISP, Panix, was hijacked to a site in Australia. In 2004 a German teenager hijacked the eBay.de domain name.
Secure e-mail provider Hushmail was also caught by this attack on 24 April 2005 when the attacker rang up the domain registrar and gained enough information to redirect users to a defaced webpage.Anti-pharming technologies are now available
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment