A decade-old technique for attacking computer networks has resurfaced as a way to manipulate IoT devices, smart home gadgets and streaming sticks, sending a number of manufacturers scurrying to fix the vulnerability.
Called ‘DNS rebinding’, the attack uses fraudulent IP addresses to breach the security of Wi-Fi networks, and is believed to have been first disclosed in 2007 by cyber-security researchers at Stanford University. According to a research note published by noted cyber-security researcher Brannon Dorsey, the old vulnerability has reared its ugly head in virtually every IoT device and connected gadget he tested, “leading to information being leaked, or in some cases, full device control”.
He claims that the code will only point out the vulnerable devices for the user’s benefit, and will not actually do anything malicious.
Meanwhile, according to Wired, the manufacturers contacted by Dorsey have all acknowledged the issue, and are actively working towards mitigating it. Roku has already started deploying updates to plug the security loophole its Roku TV devices, while Google and Sonos are expected to start rolling out the patches next month.
In case you’re wondering about DNS rebinding, it enables malicious webpages to access and potentially hijack vulnerable devices on a local network by circumventing the so-called ‘same-origin’ safeguards that prevent pages or data loaded by IP address from being modified by pages or data loaded by a different IP address. The technique is mostly used for IPs on the local network rather than to redirect users to malicious external IPs.
The aforementioned research note from Dorsey describes DNS rebinding as well as its working in intricate detail. So if you are a programmer and in the mood to get acquainted with the ins and outs of the technique, you can hop over to the link above.