An adversary registers a domain name that differs by one bit from a trusted domain. A BitSquatting attack leverages random errors in memory to direct Internet traffic to adversary-controlled destinations. BitSquatting requires no exploitation or complicated reverse engineering, and is operating system and architecture agnostic. Experimental observations show that BitSquatting popular websites could redirect non-trivial amounts of Internet traffic to a malicious entity.
Description
Attack Execution Flow
Step 1
Explore: [Determine target website] The adversary first determines which website to impersonate, generally one that is trusted and receives a consistent amount of traffic.
Attack Techniques
- Research popular or high traffic websites.
Step 2
Experiment: [Impersonate trusted domain] In order to impersonate the trusted domain, the adversary needs to register the BitSquatted URL.
Attack Techniques
- Register the BitSquatted domain.
Step 3
Exploit: [Wait for a user to visit the domain] Finally, the adversary simply waits for a user to be unintentionally directed to the BitSquatted domain.
Attack Techniques
- Simply wait for an error in memory to occur, redirecting the user to the malicious domain.
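For a domain owner, the one-bit relationship described above can be enumerated so that the variants of their own domain are registered defensively or watched for in resolver logs. The following is an added example, not part of the original entry: the function names, `example.com` and the sample log names are constructed for illustration, and the check is syntactic only (it does not confirm that a flipped TLD exists).

```python
import string

# Characters allowed in a hostname label (letters, digits, hyphen).
LDH = set(string.ascii_lowercase + string.digits + "-")

def valid_hostname(name):
    """Syntactic check only: LDH labels, no leading/trailing hyphen."""
    labels = name.split(".")
    return all(
        0 < len(l) <= 63 and set(l) <= LDH and l[0] != "-" and l[-1] != "-"
        for l in labels
    )

def one_bit_variants(domain):
    """Hostnames that differ from `domain` by exactly one flipped bit."""
    domain = domain.lower()
    out = set()
    for i, ch in enumerate(domain):
        if ch == ".":
            continue  # narrowing: label boundaries are left unchanged
        for bit in range(8):
            flipped = chr(ord(ch) ^ (1 << bit)).lower()  # DNS is case-insensitive
            if flipped == ch or flipped not in LDH:
                continue
            candidate = domain[:i] + flipped + domain[i + 1:]
            if valid_hostname(candidate):
                out.add(candidate)
    return sorted(out)

def flag_bitsquats(observed_names, protected_domain):
    """Return observed names that are one-bit variants of the protected domain."""
    variants = set(one_bit_variants(protected_domain))
    return [n for n in observed_names if n.lower().rstrip(".") in variants]

if __name__ == "__main__":
    # Constructed sample of resolver log names; example.com is the protected domain.
    sample = ["example.com", "exa-ple.com", "axample.com", "examples.com", "EXAMPLE.CNM."]
    print(len(one_bit_variants("example.com")), "candidates to register or monitor")
    print(flag_bitsquats(sample, "example.com"))
```

A flip that turns a case bit produces the same name in DNS and is skipped, and results such as `example.co-` are dropped because a label cannot end in a hyphen.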