[dns-operations] Massive DNS poisoning attacks in Brazil

Simon Munton Simon.Munton at communitydns.net
Mon Nov 7 13:41:59 UTC 2011


Also sounds oddly similar to this, from Apr 09

http://www.theregister.co.uk/2009/04/22/bandesco_cache_poisoning_attack/


Here some details on IP addresses, but no indication of vector

http://www.dataprotectioncenter.com/security/brazilian-bank-targeted-by-phishing-site-and-dns-poisoning/


On 07/11/2011 13:01, Stephane Bortzmeyer wrote:
> http://www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil
>
> A long article about "DNS poisoning" without even a dig output, bad.
>
> One sentence at the end seems to indicate it has nothing to do with
> DNS poisoning but that the cracker was able to hijack the router (in
> which cas all your bets are off).
>
> And a stupid advice to use Google Public DNS at the end... (As if a
> cracked router could not intercept its replies and change them.)
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs


More information about the dns-operations mailing list