Hijacking Search Results Through DNS Cache Poisoning

Apr 11, 2006 • 7:17 am | comments (0) by | Filed Under Search & Web SEO Spam

There is a known vulnerability that came to light yesterday based on a WebmasterWorld thread named Links hijacked in search engines. It is called DNS Cache Poisoning, and can affect your search marketing campaigns, big time. What happens?

Sub Attacks

Once an attacker has managed to poison a DNS cache, there are a number of ways they can subvert protocols that rely on DNS. Some of the potential methods are listed below.

Redirecting Web Traffic

An attack of this nature might range from a simple annoyance to a financial nightmare for a great number of people. The goal here is to set up a website that looks enough like the original so as to not raise any suspicion. Then the domain is hijacked via cache poisoning for as many ISPs/companies as possible, causing their traffic to hit the phony site instead.

Some of the sub-attacks here are:

Redirect a popular search engine to a pop-up ad site. Redirect a bank website to gain access to account passwords. Redirect news site to inject false stories and manipulate stocks.

From http://www.lurhq.com/cachepoisoning.html.

This can be a major issue for you and you should run a DNS Report today at http://www.dnsreport.com/.

For more information visit http://www.seoconsultants.com/tools/dns/cache/.

Forum discussion at WebmasterWorld and Search Engine Roundtable Forums.

Previous story: Yahoo Publisher Network Launches Blog
Ninja Banner
blog comments powered by Disqus