Domain Dumpster Diving

Those who have been in the security industry are very aware of the concept of dumpster diving. Essentially, this means going through somebody’s garbage and finding things like passwords written on documents, training manuals that include sensitive information about systems, phone numbers, etc. What you likely have not heard of is applying the same concept to digital garbage.

Jaeson Schultz from Cisco Talos wrote a really interesting article on Talos’s research in this area. For example, one topic is the concept of a keyboard smash. Let’s say you need to quickly create an email address, username or website for testing purposes. Many people may just smash a few keyboard characters to create something that looks random. Right now I’ll smash “[email protected]” but think about how likely it is that somebody else would smash the same characters. Talos researchers saw a lot of DNS traffic going to adasdad.com, which is a keyboard smash domain. They registered that domain and found all sorts of accounts sending email and traffic to it, from people around the world keyboard smashing adasdad without knowing the domain now exists. Imagine you keyboard smash the admin email for your website as adasdad.com and now Talos gets a page with a link to register as the admin!
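A defensive takeaway from the keyboard-smash story is to use names reserved for testing (RFC 2606 / RFC 6761) instead of improvised ones. The following is an added example, not code from this post or from Talos: a heuristic audit that flags non-reserved domains in test data whose name looks keyboard-smashed. The scoring rule, thresholds and sample values are assumptions constructed for illustration, and a hit is a candidate for review, not proof.

```python
# Added example: heuristic audit for keyboard-smash placeholder domains.
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
KEY_POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}

# Names reserved for testing and documentation (RFC 2606 / RFC 6761).
RESERVED_TLDS = {"test", "example", "invalid", "localhost"}
RESERVED_DOMAINS = {"example.com", "example.net", "example.org"}


def domain_of(value):
    """Return the lowercased host part of an email address or bare hostname."""
    return value.rsplit("@", 1)[-1].strip().lower().rstrip(".")


def is_reserved(domain):
    labels = domain.split(".")
    return labels[-1] in RESERVED_TLDS or ".".join(labels[-2:]) in RESERVED_DOMAINS


def smash_score(label):
    """Fraction of consecutive letter pairs on the same row, at most 2 keys apart."""
    keys = [KEY_POS[ch] for ch in label if ch in KEY_POS]
    if len(keys) < 2:
        return 0.0
    close = sum(1 for (r1, c1), (r2, c2) in zip(keys, keys[1:])
                if r1 == r2 and abs(c1 - c2) <= 2)
    return close / (len(keys) - 1)


def audit(values, threshold=0.8, min_len=6):
    """Return sorted non-reserved domains whose registrable label looks smashed."""
    flagged = set()
    for value in values:
        domain = domain_of(value)
        labels = domain.split(".")
        if is_reserved(domain) or len(labels) < 2:
            continue
        label = labels[-2]  # assumption: single-label TLD such as .com
        if len(label) >= min_len and smash_score(label) >= threshold:
            flagged.add(domain)
    return sorted(flagged)


# Constructed sample: addresses and hosts as they might appear in test fixtures.
SAMPLE = ["admin@adasdad.com", "qa@example.com", "build@ci.internal.test",
          "alerts@talosintelligence.com", "tmp@sdfsdf.net", "www.cisco.com"]

if __name__ == "__main__":
    for d in audit(SAMPLE):
        print("replace with a reserved name (e.g. example.com):", d)
```

Short real words typed on one keyboard row can also score high, which is why the audit requires a minimum label length and only reports candidates.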

This is just one of the handful of stories covered when researching Internet garbage for gold. Another story is about an attack domain that owned thousands of victims; the attackers eventually stopped and let their domain die. When Talos registered the domain, they found compromised systems were still reaching out to the dead domain! Imagine if a new attacker took over the domain to take advantage of the already compromised systems! Crazy stuff.

Read the article at https://blog.talosintelligence.com/2021/03/domain-dumpster-diving.html
