Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet. The attack code was released Wednesday by developers of the Metasploit hacking toolkit.
Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches. Attackers could also use the code to silently redirect users to fake software update servers in order to install malicious software on their computers, said Zulfikar Ramizan, a technical director with security vendor Symantec. "What makes this whole thing really scary is that from an end-user perspective they may not notice anything," he said.
6 Comments - Add comment