Security News > 2020 > March > A Zero-Day Homograph Domain Name Attack
The vulnerability is the ability to register almost exact lookalike domain names.
Simple attacks would attempt to register a domain using similar Latin characters - for example G00GLE.COM to look like GOOGLE.COM. The first example uses zeros rather than the correct letter Os; and a successfully registered lookalike domain would likely be used as a malicious phishing site.
Firstly, Hamilton successfully registered a range of 27 major brand domains using IPA Extension homoglyph characters that are essentially indistinguishable from the correct domain names.
Hamilton also developed a script that facilitates domain permutations using homoglyph characters, and thereby helps locate such domains already registered.
In a statement, Verisign said, "Although we understand that ICANN has been on a path to address these issues globally, we have also proactively updated our systems and obtained the necessary approval from ICANN to implement the changes to the.com and.net top-level domains required to prevent the specific types of confusable homograph registrations detailed in Mr. Hamilton's report."
News URL
http://feedproxy.google.com/~r/Securityweek/~3/ODidn-ZyfEU/zero-day-homograph-domain-name-attack
Related news
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- SAP fixes suspected Netweaver zero-day exploited in attacks (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)