Reply to post: Re: Oh dear, they STILL haven't figured out how dangerous this is!

Download this update from mybrowser.microsoft.com. Oh, sorry, that was malware on a hijacked sub-domain. Oops

Psion1k

Re: Oh dear, they STILL haven't figured out how dangerous this is!

I suspect that what is meant is that if you poke a dead/vulnerable alias, it will either not respond, or respond with a standard message effectively saying "no such website here", so is probably ripe for hijacking.

Any other response from the URL poked means it is still in use by "something", so they skip to the next possibility.

For MS, any such responding DNS entries are targets for removal.

The article is not about finding already compromised sub-domains, but about preventing future compromises from stale DNS records, though some sort of hunt and destroy for such is probably needed.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021