That Secure Domain May Not Be So Secure

by Guest Columnist

A Unicode-based attack known as a homograph attack can falsify a domain name—all the way down to secure HTTPS. Since it can so convincingly mimic a legitimate domain, it isn’t just the average user at risk but also seasoned IT pros.

Brandon Vigliarolo writes, “Homograph attacks, which involve substituting Unicode with regular ASCII letters to fake a domain name, have been around since the early 2000s. Modern web browsers are built to detect homograph attacks, but software engineer Xudong Zheng figured out a way to beat the filters.

“The problem is a serious one, but thankfully is only a problem in Google Chrome, Firefox, and Opera. Want to know if you’re vulnerable? Head over to Zheng’s blog and check out his proof of concept link to a fake Apple domain.

“What you would see if you were protected would be the real domain name: https://www.xn— Because it’s named with Unicode substitutions for a, p, l, and e it displays as a completely legitimate domain name—it’s even secured with HTTPS.

“Zheng discovered that when a domain is named with a set of Unicode letters from a single language (typically Russian) it bypasses the filters in Chrome, Firefox, and Opera.”

Read the full article.



Share Your Comments on This Tip

If you have comments about this tip and want to post them on this page to share your thoughts with other IT Daily Advisor readers, simply enter your comments below. NOTE: Your name will appear on any comments posted.

Your email address will not be published. Required fields are marked *