Thursday, March 15, 2007

Witches Brew: Cheap domains, DDoS, and man-in-the-middle eBay scams

A rash of recent reports seem to revolve around the great ease and small cost of registering domains. Perhaps it is time to revert to some of the original limitations on domain name registration. Consider that before April 1, 1998, the fee for registering domain names at InterNIC (operated by Network Solutions) was US $100.00 for a two year registration and there was a limit on how many names one person could register. On April 1 the fee went down to US $70.00 for a two-year period, and renewals were decreased to $35.00 from $50.00. Despite that, the number of domains registered was already close to 2 million.

According to research from McAfee cheap or free registration of new domain names drives the growth in Web sites used for spamming or hosting malicious software.

One of the biggest names in domain name registration, GoDaddy, was hit with significant and sustained distributed denial-of-service attacks Sunday, resulting in four to five hours of intermittent service disruptions, including hosting and e-mail.

Symantec has uncovered an unusually sophisticated email scam, targeting eBay users with a combination of legitimate eBay auctions and a Windows Trojan that intercepts a user's web traffic. The "advanced" malware involved, called Trojan.Bayrob, sets up a man-in-the-middle attack, Symantec said in a blog last week.

"While we have previously seen Infostealers that try to steal your username and password, a threat attempting a man in the middle attack on eBay is very unusual," wrote Symantec's Liam O'Murchu. "Man-in-the-middle attacks are very powerful, but are also difficult to code correctly."

Fascinating differences in levels of risk around te world have been mapped by McAfee. For example, "a consumer is almost 12 times more likely to encounter a drive-by-download while surfing Russian domains as Columbian ones."

1 comment:

Anonymous said...

I like this blog posts. Keep it up