In the past month, we have observed additional BGP hijacks of authoritative DNS servers with a technique similar to what was used in April. This time the targets included US payment processing companies. In April 2018, we detailed a brazen BGP hijack of Amazon’s authoritative DNS service in order to redirect users of a crypto… Read More


Amazon lost control of a small number of its cloud services IP addresses for two hours on Tuesday morning when hackers exploited a known Internet-protocol weakness that let them to redirect traffic to rogue destinations. By subverting Amazon’s domain-resolution service, the attackers masqueraded as cryptocurrency website MyEtherWallet.com and stole about $150,000 in digital coins from… Read More


The attackers don’t seem to have compromised MyEtherWallet itself. Instead, they attacked the infrastructure of the internet, intercepting DNS requests formyetherwallet.comto make the Russian server seem like the rightful owner of the address. Most of the affected users were employing Google’s 8.8.8.8 DNS service. However, because Google’s service isrecursive, the bad listing was likely obtained… Read More


To address this type of attacker, we present Oblivious DNS (ODNS), which is a new design of the DNS ecosystem that allows current DNS servers to remain unchanged and increases privacy for data in motion and at rest. In the ODNS system, both the client is modified with a local resolver, and there is a… Read More