SOFTWARE SCANNER
$250-750 USD
Paid on delivery
Interception and Alteration of DNS Requests
The trick here is how web page addresses are like extensions of the IP addresses that the Internet works with. This extension is called DNS - Domain Name System. Each time you enter a website address in the address bar, your computer sends a request to a DNS server, which returns the requested domain address.
For example, when you type [login to view URL], the respective DNS server returns the IP address [login to view URL] - the location to which you are actually directed. Basically, this is what happens:
The question is: can they create their own DNS server that redirects their browsing to another IP address (say 6.6.6.6) in response to your [login to view URL], and that address can host an advertising site. This process is what we call DN hijacking.
The success of this activity now depends on a method that causes people to use a maliciously crafted DNS server that directs them to a fake advertising site.
Once the malicious application infiltrates the target smartphone and connects to the WiFi network, it communicates with a command and control (C&C) server and reports that propagation has been enabled on a particular network. Also provides the network ID.
If the Trojan can identify the correct credentials, it changes the legitimate DNS server settings to a malicious program. In addition, it configures a legitimate Google DNS with secondary DNS 8.8.8.8, so that the victim does not notice if the malicious advertising server goes down
In most wireless networks, devices get their network settings (including DNS server addresses) from routers, so all users who connect to a compromised network will use the malicious advertising server by definition.
If the Switcher numbers are accurate, in less than a month the seed malware could infect 1,280 wireless networks, with all user traffic from those access points available to the software administrator.
Mode 1: Modifying the user's DNS setting to use a criminal's own DNS service. This is done through a virus or attack on the victim's internet router / modem.
- Mode 2: By taking advantage of technical aspects of the network, hackers make the ISP's DNS "err" and enter a different number from the correct one. This error only airs for a few hours until the DNS buffer is renewed and it looks up the correct IP address again, undoing the modification;
- In order for the fake file to continue loading after DNS returns to normal, the hacking advertising code tells the victim's browser that it is "valid" until December 2015. As a result, the browser does not attempt to reload this file and advertising is still displayed, even with everything resolved;
Project ID: #21260235
About the project
6 freelancers are bidding on average $532 for this job
Hello we are working last 10 years in this field on Website development, PHP and many more. we assure you that we could solve your problem in better way. Please get in touch to discuss more in detail so we could start More
Nice to meet you I am an Amazon Cloud Architect for the web infrastructure serving 90 million page impressions and 12 TB Internet traffic per month. The AWS services I use are EC2, ELB, MySQL RDS, VPC, CloudFront, Elas More
