LZZR Hit by Easter DoS Attack - Significant DNS Security Issue

DoS DNS attack revealed all usernames and passwords to hackers

April 8, 2007 - LZZR was affected by what seemed to be a Denial of Service (DoS) attack targeting its host's Domain Name Service (DNS) servers. At first glance, the DNS hosting company noticed outages on all of its DNS servers, causing its hosted Web sites and e-mail to go down. However, the DoS attack was more dangerous than expected.

The DoS attacker was very versatile and managed to redirect traffic from LZZR and some other Web sites to a Pay Per Click (PPC) landing page (searchportal.information.com), a traffic monetization system. The DoS attack affected only .com Web sites and the landing page was owned by account 19911.

The Web master at LZZR could not take actions to stop the DoS attack because the DoS attack was taking place at the DNS level, which was not under the Web master's control.

That same day, a new, alarming level of DNS security was breached. The cyber criminal gathered cookies from all users that were redirected to the PPC landing page. This meant that all the users' passwords and usernames could be seen by the DoS attacker. In response, LZZR immediately asked all its users to change their passwords and even their usernames. Additionally, some e-mails from and to the affected domains were intercepted by the DoS attacker. Although the DoS attacker did not make money, the DNS attack compromised many accounts by revealing usernames and passwords to the DoS attacker.

Source: LZZR

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index