Security News Google, Roku, Sonos to Fix DNS Rebinding Attack Vector (New products vulnerable!)

LASER_oneXM

The developer teams from Google Home, Roku TV, and Sonos are preparing security patches to prevent DNS rebinding attacks on their devices.

Roku has already started deploying updates, while Google and Sonos are expected to deploy patches next month.

What's a DNS rebinding attack?

DNS rebinding is not a new attack vector by any stretch of the imagination. Researchers have known about it since 2007 when it was first detailed in a Stanford research paper.

The purpose of a DNS rebinding attack is to make a device bind to a malicious DNS server and then make the device access unintended domains. DNS rebinding attacks are usually used to compromise devices and use them as relay points inside an internal network. A typical DNS rebinding attack usually goes through the following stages:

New products found vulnerable to DNS rebinding attacks

However, in recent months, things have started to change. Interest in DNS rebinding flaws from well-known security researchers like Google's Tavis Ormandy has brought this issue back into the limelight.

Flaws have been discovered and fixed in products such as Blizzard's Update Agent, the uTorrent client, and the geth Ethereum mining software.

One of the latest deep-dives into DNS rebinding attacks comes from Chicago-based Brannon Dorsey. Yesterday, he published his latest research on the matter, which included a study of some modern IoT equipment and how it handles a DNS rebinding attack.

To nobody's surprise, Dorsey found that most of the equipment he tested was vulnerable. For the past three months, he's badgered vendors to patch these issues and found no success until two members of the press got involved and also started asking questions on the topic. More below:
 
