A new class of DNS vulnerabilities has been discovered, which impacts major DNS-as-a-Service (DNSaaS) providers. It could give hackers the ability to access sensitive information on corporate networks and the power for ‘nation-state level spying’. The flaws provide potential hackers with intelligence harvesting abilities by using a simple domain registration.
The research explained: “We found a simple loophole that allowed us to intercept a portion of worldwide dynamic DNS traffic going through managed DNS providers like Amazon and Google. The dynamic DNS traffic we ‘wiretapped’ came from over 15,000 organisations, including Fortune 500 companies, 45 U.S. government agencies, and 85 international government agencies.”