Techly NewsGet the app

Get the latest tech news

Mac and Windows users infected by software updates delivered over hacked ISP


DNS poisoning attack worked even when targets used DNS from Google and Cloudflare.

The attackers then used their control of the devices to poison domain name system responses for legitimate hostnames providing updates for at least six different apps written for Windows or macOS. One other technique Volexity observed was StormBamboo’s use of DNS poisoning to hijack www.msftconnecttest.com , a domain Microsoft uses to determine if Windows devices are actively connected to the Internet. By replacing the legitimate DNS resolution with an IP address pointing to a malicious site operated by the threat actors, they could intercept HTTP requests destined for any host.

Get the Android app

Or read this on r/technology

Read more on:

Photo of Mac

Mac

Photo of Windows

Windows

Photo of users

users

Related news:

News photo

Design Flaw Has Microsoft Authenticator Overwriting MFA Accounts, Locking Users Out

News photo

Nvidia driver update causes BSOD on older Windows PCs

News photo

Sneaky SnakeKeylogger slithers into Windows inboxes to steal sensitive secrets

« India’s EtherealX puts $5M seed toward fully reusable launch vehicles
The Soul of Maintaining a New Machine »