SEO Exploit via DNS “piggybacking” found in the wild

A recent report out from the ISC (the ‘Internet Storm Center’, a program of the SANS Technology Institute) warns domain owners to check their DNS records.

We offer a DNS Records tool on frag.co.uk/tools/ that may be some help to our customers.

The report details around 50 organizations that have had new machine names added to their DNS zone information. These were then pointed to sites used to boost the search engine positions of pharmaceuticals, personals, and adult web sites.

A good explanation, and some other sites that are affected can be found on the ISC Diary – What’s In a Name blog post.

For example, the Federal Commission of Taxation in Argentina at www.cfi.gov.ar have a subdomain they presumably were unaware of, at “buy-viagra.cfi.gov.ar”, thankfully now suspended.

We run our own internal DNS servers here at frag.co.uk, and can proudly announce that all our domain owners are unaffected, secured and safe from this attack. Please feel free to contact us for more details.

Do you outsource your DNS? Would you ever catch something like this?

We may be able to help. One of our totally free tools on frag.co.uk/tools/ offers a “DNS Records” tab that allows you to keep an eye on your DNS records. Do let us know how you get on.


frag.co.uk
on Google+