Yes, it is a time to be attentive and safeguard your devices. A serious DNS bug has been found in devices that help the black hat hackers to access people's data.
Due to this attack, millions of users are expected to be harmed. On investigation, the attacks are found to be termed as DNS (Domain Name System) cache poisoning and remote code execution attacks. Further, the systems are found with 7 security vulnerabilities in dnsmasq.
Generally, these DNS software are found in devices such as smartphones, computers, routers, servers, and other IoT devices.
Positively, the flaws were discovered by JSOF, an Israeli security company.
JSOF informed the users:
“Some of the DNSpooq vulnerabilities allow for DNS cache poisoning and one of the DNSpooq vulnerabilities could permit a potential Remote Code execution that could allow a takeover of many brands of home routers and other networking equipment, with millions of devices affected, and over a million instances directly exposed to the Internet,”
As per data, around 1.2 million servers have been exposed, and more are confirmed with high risk.
Besides, there are around 40 vendors that contain dnsmasq in their software, firmware, and products. Companies like Cisco, Comcast, Dell, Motorola, IBM, etc. are on the list.
DNSpooq, the security flaws can be categorised into 2 groups:
“The impact of DNS cache poisoning of the routing equipment DNS forwarding server can potentially lead to different kinds of fraud if users believe they are browsing to one website but are actually routed to another,”
JSOF came to know about the vulnerabilities in August 2020 and announced the news in public this month after their complete evaluation.
This is strongly advised to everyone to install the dnsmasq update version 2.83.
The respective vendors are also aware of the security flaws and are taking specific measures to provide a safe and secure experience for their users.
Stay in touch with ISOEH (Indian School of Ethical Hacking) to get industry updates and news.
Let's fight against the cybercriminals together!