The past continues to haunt: Crooks continue to use homoglyph characters in domain names to hack users

Once upon a time – back in 2000 – we saw the rise of homoglyphs characters in websites domain name. These non-Latin characters appeared as the letters of the Latin alphabet and were used to replicate legit domains.

These characters, when displayed in a browser bar appeared like normal domains – such as www.ɑpple.com or www.fɑcebook.com. The websites that the domains were linked to also appeared real. However, they were primarily used as phishing or malware and got hold of the innocent visitor’s credentials by illicit methods.

Attempt to crack down on these types of attacks has been going on for some time while their occurrence has also minimized due to more advanced hacking methods. However, recently researchers have found a fresh wave of homoglyph characters surrounding the World Wide Web. According to Soluble, the hackers are using the Unicode Latin IPA Extensions to register domains with a mixed script to target victims.

VeriSign also addressed the issue and said that they are working on changes that would prevent these types of registrations that include homoglyph characters. However, the authorities note that these domains are difficult to register and there is a possibility that they are being used for high-target attacks – rather than for average internet users.




Read next: Ethical Hacking Has Become a Highly Popular Career Choice, Here’s Why That’s a Good Thing

No comments:

Post a Comment