Working in customer care you get to see every kind of issue computer users can have. This can lead to extremely interesting situations. One particularly noteworthy issue we are seeing is an interesting DNS hijack that sets the victim’s computer to use specific DNS servers. While this attack might not sound that interesting and may even seem simple to fix, what if it were not easily visible to the user? What if there were a way to set static DNS entries so that the Primary and Secondary DNS servers did not show up in the expected area in the GUI? Worse yet, your settings would say you were using DHCP, as you would expect to see, when you were not. This is exactly what has been done by a recent Potentially Unwanted Application (PUA) named DNS Unlocker and by a few other threats as well.
Crouching Tiger, Hidden DNS
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.