Researchers found that IoT devices are vulnerable to DNS re-binding. Despite the fact that the solution for counteracting such attacks was invented in the last decade, millions of IoT devices remain at risk.
The Internet of things is threatened not only by new inventions of cybercriminals, but also by methods already tested by time. Among them are DNS attacks, in particular, DNS re-binding (better known as DNS rebinding).This opinion expressed Craig Young, head of Tripwire’s cybersecurity research department.
Read also: C&C server of the new version of Mirai hides in the Tor-network
DNS re-binding actually turns victim’s browser into a proxy for attacking private networks with connected IoT devices.
“In recent years, I have discovered millions of vulnerabilities in such devices”, – said Craig Young.
According to him, this is partly due to the fact that the Internet of things often uses http protocols, which are especially vulnerable to DNS re-binding. In the future, the consequences of this vulnerability may be significant: re-binding opens new doors for botnets.
DNS re-binding actually turns the victim’s browser into a proxy for attacking private networks with connected IoT devices.
“This is a fairly old type of attack that has been actively used by attackers for more than a decade. The problem is that information security experts seem to ignore DNS attacks, not considering them a real threat, but in the future someone might want to create a botnet that will have so many goals because of the popularity of the Internet of things”, – complements Chris Young.
During his research, Chris Young found that devices such as the Google Home smart speaker, Sonos speaker, and Belkin Wemo smart socket are vulnerable to DNS attacks. The last two devices use the SOAP Web Services Access Protocol standard.
If desired, an attacker using DNS re-binding can steal data from the device, disconnect, restart it, block it or force it to play false content.