MasterCard recently corrected a significant DNS misconfiguration that had persisted for nearly five years, potentially allowing cybercriminals to intercept or divert its Internet traffic. While all MasterCard's DNS server names were supposed to end with "akam.net," one contained a typo, ending with "akam.ne" instead. This issue was discovered by a security researcher who registered the misconfigured domain "akam.ne" for $300 to prevent its exploitation. The researcher then set up a DNS server for the "akam.ne" domain and observed hundreds of thousands of DNS requests hitting his server each day. This incident highlights the critical importance of accurate DNS configurations and the need for prompt, transparent handling of security vulnerabilities.
Type
Incident
Actors
Unknown
Pub. date
January 22, 2025
Initial access
Dangling resource
Impact
Data exfiltrationResource hijacking
Observed techniques
Dangling DNS takeover
References
https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/
Status
Finalized
Last edited
Jan 23, 2025 12:48 PM