Security company: many iot devices are vulnerable to dns-rebinding

Jul

20

2018

Security company Armis, known from the Blueborne leak, states that a large number of iot devices are vulnerable to a so-called dns-rebinding attack. Based on its own research, it estimates that 496 million devices worldwide are vulnerable in business networks.

According to the company , it includes routers, printers, cameras, TVs and telephones, mainly in business networks. An attack via dns rebinding occurs because a target, for example, visits a site that was set up by an attacker and contains malicious JavaScript. Another requirement is that the attacker has a malicious dns server in his management.

When the target visits the site, the dns server first responds with the actual address of the site, but with a very short ttl so that the address is stored only briefly in the cache. With a second lookup , which follows quickly through the short ttl, the dns server, however, passes a different address, for example an ip address on the local network. An attacker can, among other things, send a malicious command. Such an attack is not new and was already described in 2008 .

Armis claims that an attacker can, for example, collect information about devices on a local network that is normally closed by a firewall. For example, administrator interfaces could be accessed via upnp or http. An attacker can then connect an iot device to an external command and control server, Armis says.

The company’s warning is similar to that of another researcher, Brannon Dorsey, who recently published a blog post about his findings. For example, he showed that it was possible to attack devices such as a Google Home or a Sonos speaker via dns-rebinding. The various manufacturers then indicated that they wanted to develop patches. Previously, the technology was already deployed for vulnerabilities in the FritzBox firmware , the uTorrent client and the Blizzard Update Agent . These examples are fairly recent, but in 2010 a researcher warned that certain routers were vulnerable.

Viewing:-59

In: A Technology & Gadgets Asked By: [19503 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »


Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]