Doppelganger Domains: A New Way for Hackers to Steal Your Data

For years, hackers have been able to wreak havoc on the public through domain typo-squatting, in which hackers register domain names based on common typographical errors of legitimate domains. For example, the hacker might register ony.com instead of sony.com. Once an unsuspecting individual accidentally visits the hacker's website, the individual could be led to download malicious programs from what they believe is a legitimate and trusted web site. In a recent report, researchers at the Godai Group, an information security firm, have exposed a new form of information theft that is very similar to domain typo-squatting. The hacker purchases a domain that simply omits the dot between a company’s host name and sub-domain name and configures an e-mail server to receiver all e-mail addresses to that domain. These domains are referred to as “doppleganger domains”. For example, one might register seibm.com, instead of the real address for IBM’s Swedish division, se.ibm.com. This allows the hacker to intercept any e-mails that were sent to the doppelganger domain and collect information passively. Hackers have now taken the doppelganger domain concept a step further. These individuals not only intercept incoming e-mails but they also alter the e-mails by requesting important or sensitive information. The hacker will then impersonate the sender by forwarding the altered e-mail from yet another doppelganger domain, this time a domain name similar to that of the sender’s. The ultimate receiver of the altered e-mail believes that the request for information is coming from a trusted source and promptly sends the requested information to the hacker. Large corporations such as Fortune 500 companies are believed to be major targets. The Godai Group found from reviewing the WHOIS information that some Fortune 500 companies already had doppelganger domains registered to domains associated with malware and phishing. For more commentary, visit: http://tinyurl.com/5ratps3 Summary by: Thomas Wong