http://www.wired.com/threatlevel/2011/09/doppelganger-domains/

By Kim Zetter
Threat Level
Wired.com
September 8, 2011

Two researchers who set up doppelganger domains to mimic legitimate domains belonging to Fortune 500 companies say they managed to vacuum up 20 gigabytes of misaddressed e-mail over six months.

The intercepted correspondence included employee usernames and passwords, sensitive security information about the configuration of corporate network architecture that would be useful to hackers, affidavits and other documents related to litigation in which the companies were embroiled, and trade secrets, such as contracts for business transactions.

"Twenty gigs of data is a lot of data in six months of really doing nothing," said researcher Peter Kim from the Godai Group. "And nobody knows this is happening."

Doppelganger domains are ones that are spelled almost identically to legitimate domains, but differ slightly, such as a missing period separating a subdomain name from a primary domain name -- as in the case of seibm.com as opposed to the real se.ibm.com domain that IBM uses for its division in Sweden.

[...]

Received on Fri Sep 09 2011 - 00:59:41 PDT
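The missing-period pattern described in the article can be checked for on a mail gateway. The following is an added example, not code from the article or from the researchers: it derives the dot-omitted look-alike of each of an organization's subdomains and flags outbound recipients addressed to one. The function names and the simplified `to=<...>` log format are assumptions, and the log lines are constructed.

```python
import re

def doppelganger_map(org_domain, subdomains):
    """Return {look-alike domain: legitimate subdomain it imitates}."""
    org = org_domain.lower().strip(".")
    lookalikes = {}
    for host in subdomains:
        host = host.lower().strip(".")
        if not host.endswith("." + org):
            continue  # not a subdomain of the organization
        # Label directly left of the organization's domain: "se" in se.ibm.com
        label = host[: -len(org) - 1].split(".")[-1]
        # Omitting the separating period fuses label and domain: seibm.com
        lookalikes[label + org] = label + "." + org
    return lookalikes

# Assumed, simplified log format: recipient appears as to=<local@domain>
RECIPIENT = re.compile(r"to=<[^@<>\s]+@([^<>\s]+)>", re.I)

def flag_misaddressed(log_lines, org_domain, subdomains):
    """Return (line_no, recipient_domain, intended_domain) per look-alike hit."""
    lookalikes = doppelganger_map(org_domain, subdomains)
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        for dom in RECIPIENT.findall(line):
            dom = dom.lower().strip(".")
            for fake, real in lookalikes.items():
                # Match the look-alike itself or any host beneath it
                if dom == fake or dom.endswith("." + fake):
                    intended = dom[: len(dom) - len(fake)] + real
                    hits.append((line_no, dom, intended))
    return hits

# Constructed sample: se.ibm.com is the article's example; users are made up
SAMPLE_LOG = [
    "Sep 09 00:10:01 out: from=<bob@se.ibm.com> to=<alice@se.ibm.com>",
    "Sep 09 00:10:07 out: from=<bob@se.ibm.com> to=<alice@seibm.com>",
    "Sep 09 00:11:30 out: from=<bob@se.ibm.com> to=<carol@mail.seibm.com>",
    "Sep 09 00:12:44 out: from=<bob@se.ibm.com> to=<dave@example.org>",
]

if __name__ == "__main__":
    for hit in flag_misaddressed(SAMPLE_LOG, "ibm.com", ["se.ibm.com"]):
        print("line %d: %s (probably meant %s)" % hit)
```

The same look-alike list can be used to check which of those names are already registered by someone else.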