A Supercritical DNS Bug Might Put The Entire Internet At Risk

website-454460_1920A Bug for The Ages

Dan Kaminsky has recently alleged that a bug, which has been roaming for eight years in the Internet’s Domain Name Service or DNS, has resurfaced and could be utilized to spread malicious malware by exploiting the security systems of the computer.

For those who are unaware, Dan Kaminsky is an American security researcher who is also an expert in detecting malware activity through JavaScript and is widely popular for his work on DNA cache poisoning. Currently, he is the Chief Scientist of White Ops.

He has reported that the bug makes the system vulnerable to man in the middle attacks if hackers got access to the servers and said that it was a “solid critical vulnerability by any normal standard.”

Potent Poison

Kaminsky has also reported that this virus is potent enough to rattle completely a computer’s security, and said that a flaw was detected in the Gnu C standard library, also known as ‘glibc’, that can dupe users into browsing through shady domain names that are associated with such malware.

If clicked on, then the server would reply with a lengthy DNA name, which would give hackers the easy access to destroy the security codes of a computer. This bug is almost eight years old and has been around since May 2008. Kaminsky reported that the “buggy code has been around for quite some time” and has succeeded in acquiring a global status, an infection that could take ages to repair.

Redhat, who also discovered how vulnerable the system could get when infected by this bug, said that:

“A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches.”

The bug has already spread its reaches throughout a large area on the virtual topography and is said to be as frightening as Heartbleed.

The Heartbleed is a security bug whose existence was acknowledged in April 2014 in the OpenSSL cryptography library. It is widely utilised nowadays to implement the Transport layer Security protocol. This bug, which was coded into the Gnu DNS libraries in 2008, doesn’t seem to pay much heed to the Android operating system.

Renee Biana

VPN Pick brings you all the latest vpn news, reviews and discounts.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Exclusive Offer: Get a 49% Discount off ExpressVPNGet This Deal