Google Public DNS Server Traffic Hijacked

Status
Not open for further replies.

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354

The Internet is becoming a dangerous place day-by-day and especially for those innocent web users who rely on 3rd party services. The latest bad news is that the World's largest and most widely used Google's free public DNS (Domain name system) resolvers raisedsecurity red flags yesterday.



DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. According to Internet monitoring firm BGPmon, Google's DNS server 8.8.8.8/32 was hijacked yesterday for 22 minutes.
The Google's DNS server handles around 150 billion queries a day and during the 22 minutes of hijacking, millions of Internet users, including Financial institutions, Governments were redirected to BT’s Latin America division in Venezuela and Brazil.

Hackers exploited a well-known vulnerability in the so-called Border Gateway Protocol (BGP), which is used to exchange data between large service providers, and hijacking could allow the attackers to simply re-route the traffic to a router they controlled.
BGP attack is the man-in-the-middle attack at large scale and harder to detect, as the traffic still reaches its legitimate destination and which was first demonstrated in 2008 by two security researchers - Tony Kapela and Alex Pilosov.
It's not the first time when Google Public DNS service has been hijacked. In 2010, DNS server traffic was hijacked and redirected to Romania and Austria.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top