Domain Typos offer security loophole to phishers!

28 04 2008

It is a well-known fact that many domainers pick up the choicest mistyped website names, popularly called domain typos, to make money from them. However, a startling fact came to light when IOActive security researcher Dan Kaminsky reported that some of the United States’ largest Internet Service Providers (ISPs) have created a massive security hole that allowed hackers to use web addresses owned by eBay, PayPal, Google and Yahoo, and virtually any other large site.

The risk arose from the trend of ISPs subverting the Domain Name System (DNS), which translates website names into numeric addresses. The vulnerability was enough for phishers and cyber attackers looking for convincing platforms to distribute fake websites or malicious code. Earthlink users and some Comcast subscribers were definitely exposed to this security risk.

Earthlink is reported to intercept Non-Existent Domain (NXDOMAIN) responses and send the IP address of a server run by its technology and ad partner Barefruit as the answer. When the browser visits that page, the user sees a list of suggestions for what site the user might have actually wanted, along with a search box and Yahoo ads. Barefruit’s server is reported not to be secure and to be susceptible to attacks by phishers.
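One way to check whether the resolver you are using rewrites NXDOMAIN responses as described above. This is an added example, not code from the original post or from the research it reports. The function names, the probe parent domains and the 192.0.2.10 documentation address are assumptions made for illustration.

```python
import secrets
import socket
from collections import Counter

def system_resolve(name):
    """Addresses the system resolver returns for name; empty set on NXDOMAIN or failure."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def probe_nxdomain_rewriting(resolve=system_resolve,
                             parents=("com", "net", "example.com"),
                             probes_per_parent=3):
    """Look up random names that should not exist and report any that resolve.

    Caveat: a parent with a legitimate wildcard record also answers every
    name, so pick parents that are known not to have one.
    """
    answered = {}          # probe name -> addresses the resolver returned
    landing = Counter()    # how many probes each address was returned for
    total = 0
    for parent in parents:
        for _ in range(probes_per_parent):
            # 96 random bits: no real registration will collide with this label
            name = f"nx-{secrets.token_hex(12)}.{parent}"
            total += 1
            addrs = set(resolve(name))
            if addrs:
                answered[name] = sorted(addrs)
                landing.update(addrs)
    return {
        "probes": total,
        "answered": answered,
        "rewriting_suspected": bool(answered),
        # An address shared by unrelated random names points at a single
        # landing server of the kind the article describes.
        "landing_addresses": sorted(a for a, n in landing.items() if n > 1),
    }

def constructed_rewriting_resolver(name):
    """Constructed stand-in for a rewriting ISP resolver (192.0.2.0/24 is a documentation range)."""
    return {"192.0.2.10"}

if __name__ == "__main__":
    print("constructed resolver:", probe_nxdomain_rewriting(constructed_rewriting_resolver))
    print("system resolver:     ", probe_nxdomain_rewriting())
```

A resolver that honours NXDOMAIN leaves `answered` empty; any entry there means an answer was synthesized for a name that does not exist.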

