[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Subject: A Deep Dive on the Recent Widespread DNS Hijacking Attacks
From: woody at pch.net (Bill Woodcock)
Date: Sat, 23 Feb 2019 11:29:20 -0800
In-reply-to: <[email protected]>
References: <[email protected]>

> On Feb 23, 2019, at 11:13 AM, Keith Medcalf <kmedcalf at dessus.com> wrote:
> 
> So in other words this was just an old school script kiddie taking advantage of DNS registrars, the only difference being this was a whole whack of script kiddies acting in concert directed by a not-quite-so-stupid script kiddie, with some "modernz" thrown in for good measure.

Itâ??s Iranian military.  If you want to call them script kiddies, thatâ??s up to you, but people familiar with the campaign characterize it as an APT, and have been for the several years that itâ??s been going on.

> the targets perfectly match those that the NSA would choose

Amusing bedfellows, if they werenâ??t so annoying.

> The second takeaway being that DNSSEC is useless

You seem to have gotten that one backwards, by over-straining yourself in an effort to seem clever.

> Did I miss anything?

Apparently, yes.

                                -Bill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190223/9f65f550/attachment.sig>

References:
- A Deep Dive on the Recent Widespread DNS Hijacking Attacks
  - From: kmedcalf at dessus.com (Keith Medcalf)

Prev by Date: A Deep Dive on the Recent Widespread DNS Hijacking Attacks
Next by Date: A Deep Dive on the Recent Widespread DNS Hijacking
Previous by thread: A Deep Dive on the Recent Widespread DNS Hijacking Attacks
Next by thread: A Deep Dive on the Recent Widespread DNS Hijacking
Index(es):
- Date
- Thread