We study and document an important development in how attackers are using Internet
resources: the creation of malicious DNS resolution paths. In this growing form of
attack, victims are forced to use rogue DNS servers for all resolution. To document
the rise of this "second secret authority" on the Internet, we studied instances of
aberrant DNS resolution on a university campus. We found dozens of viruses that
corrupt resolution paths, and noted that hundreds of URLs discovered per week
performed drive-by alterations of host DNS settings.