The implications of control over internet infrastructure via DNS-over-HTTPS on privacy

In the early days of the internet, it was quite common for local networks to run their own domain name service (DNS). DNS was invented as a solution for allowing internet users to query remote servers via friendly, easy-to-remember names like google.com. Names are much easier to remember compared to more abstract IP numbers like …

3ve – Major online ad fraud operation disrupted

International law enforcement swoops on fake ad viewing outfit. On Monday, October 22nd, a disruption action involving law enforcement bodies worldwide targeted “3ve”, a major online ad fraud operation. Today, on November 27, 2018, a 13-count indictment against eight defendants was unsealed. Out of these eight defendants, three are in custody and awaiting extradition. Ad fraud campaigns …

Birthday Reminder looks benign but the devil’s in the details: Hooks DNS, serves dodgy ads

The strange behavior of a simple Windows application caught our attention and sparked ESET’s analysis of previously undocumented malware. A contact at the Norwegian HealthCERT — following a question about this from the regional healthcare provider Sykehuspartner — reached out to us asking about DNS queries to domains with the format [0-9a-f]{60}.smoke. There is no .smoke top level domain, …

DNS attacks: How they try to direct you to fake pages

DNS servers are essential to the normal functioning of the internet as we know and love it, but they tend to go unnoticed by most users. At least, that is, until some sort of attack or incident occurs that stops them from working normally, which results in the services we use every day starting to fail (something …

Avalanche takedown: Check if you are safe

Earlier this week coordinated law enforcement action took down the Avalanche fast-flux network. For several years, this network has allowed various botnet operators to benefit from an extra layer of protection against takedown and domain blacklisting. Today, this network has suffered a serious blow. Coordinated efforts from law enforcement around the world succeeded in taking …