Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
Abstract: We study and document an important development in how
attackers are using Internet resources: the creation of malicious DNS resolution paths.
In this growing form of attack, victims are forced to use rogue DNS servers for all
resolution. To document the rise of this "second secret authority" on the Internet, we
studied instances of aberrant DNS resolution on a university campus. We found dozens of
viruses that corrupt resolution paths, and noted that hundreds of URLs discovered per
week performed drive-by alterations of host DNS settings.