Security News > 2020 > March > Vulnerability allows attackers to register malicious lookalikes of legitimate web domains

Cybercriminals were able to register malicious generic top-level domains and subdomains imitating legitimate, prominent sites due to Verisign and several IaaS services allowing the use of specific characters that look very much like Latin letters, according to Matt Hamilton, principal security researcher at Soluble.

To demonstrate the danger of these policies, he registered 25+ domains that resemble a variety of popular domains by using a mix of Latin and Unicode Latin IPA homoglyph characters.

"This vulnerability is similar to an IDN Homograph attack and presents all the same risks. An attacker could register a domain or subdomain which appears visually identical to its legitimate counterpart and perform social-engineering or insider attacks against an organization," he pointed out.

"Although we understand that ICANN has been on a path to address these issues globally, we have also proactively updated our systems and obtained the necessary approval from ICANN to implement the changes to the.com and.net top-level domains required to prevent the specific types of confusable homograph registrations detailed in Mr. Hamilton's report."

He advises users who discover that someone has registered a homograph of one of their domains to submit an abuse report to the appropriate organization.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/T1InrlpUNrw/