DNS Cache Poisoning Redirects Internic Customers to Alternic

Kashpureff Arrested in 1997 and Pleads Guilty to Computer Fraud

July 1996 - Upset with Internic's control of top domain names, Eugene Kashpureff of Alternic poisoned multiple DNS caching servers which later redirected web traffic to www.alternic.com. Cache poisoning is an illegal activity where the criminal sets up an authoritative name server containing false information. The criminal then baits a caching server by requesting information that it must request from the authoritative name server. When the answer comes back, additional information - false information - is also provided. Unsuspecting Internet users who use the poisoned cache server will be directed to the wrong location.

Some Internet criminals use cache poisoning to redirect users to malicious websites posing as banks and online stores. Users who do not recognize the switch often end up giving their personal financial information directly to the crooks. Before they can do anything about it, the crooks have cleaned out their bank accounts.

Kashpureff may have thought he was protesting, but his actions constituted stealing customers from the competition through abuse of internet software. Certain versions of BIND and other DNS software are vulnerable to cache poisoning, especially versions of BIND prior to 4.9.6 and version 8.1.1. Eugene Kashpureff was arrested in Canada and pleaded guilty to computer fraud in March of 1998.

Source: Technical Info dot Net

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index