Understanding a DNS Spoofing + Phishing Attack
What is a DNS Spoofing and Phishing attack? The term “Spoofing” refers to “spoofing” carried out by a cyber attacker using various techniques to falsify data in a communication. Thus, a DNS spoofing attack is the forgery of an IP address (spoofing) when a name resolution query is made to the Domain Name System (DNS). Therefore, if we launch a “DNS Spoofing” (Domain Name System) attack, what we are doing is that, when the victim enters a web address (domain name) in their browser, such as “www.google.com”, this is redirected to another web address (to another domain name) previously established …
Understanding a DNS Spoofing Attack + Evilgrade
What does this type of attack consist of? One of the most dangerous attacks that we can encounter is the self-downloading and execution of malicious software without user interaction. With an attack of these characteristics an intrusion can be made in any type of system, even if it is at its last version and completely patched, not presenting any type of vulnerability more than the one that represents in itself the ignorance of the own user. Design of the attack and tools used To demonstrate this attack we are going to use the “Evilgrade” framework. As a brief description of …