Security News > 2020 > March > A Zero-Day Homograph Domain Name Attack
The vulnerability is the ability to register almost exact lookalike domain names.
Simple attacks would attempt to register a domain using similar Latin characters - for example G00GLE.COM to look like GOOGLE.COM. The first example uses zeros rather than the correct letter Os; and a successfully registered lookalike domain would likely be used as a malicious phishing site.
Firstly, Hamilton successfully registered a range of 27 major brand domains using IPA Extension homoglyph characters that are essentially indistinguishable from the correct domain names.
Hamilton also developed a script that facilitates domain permutations using homoglyph characters, and thereby helps locate such domains already registered.
In a statement, Verisign said, "Although we understand that ICANN has been on a path to address these issues globally, we have also proactively updated our systems and obtained the necessary approval from ICANN to implement the changes to the.com and.net top-level domains required to prevent the specific types of confusable homograph registrations detailed in Mr. Hamilton's report."
News URL
http://feedproxy.google.com/~r/Securityweek/~3/ODidn-ZyfEU/zero-day-homograph-domain-name-attack
Related news
- Google fixes Android kernel zero-day exploited in targeted attacks (source)
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited (source)
- Versa fixes Director zero-day vulnerability exploited in attacks (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)