LinkedIn DNS Hacked. Traffic Sent To Questionable Indian Site

Bryan Berg, one of app.net's co-founders, posted that he noticed last night that LinkedIn's DNS had been hijacked and the traffic was being rerouted to an Indian based site named conflluence-networks.com. The site didn't require SSL so cookies could be compromised.

By not requiring SSL, anyone who logged into the redirected site sent the cookies that LinkedIn stores locally on their system in plain text. That is quite a potential security risk.

DNS servers take easy to remember names, like NextPowerUp.com, and convert them to the actual IP address of the location of the website. By changing the DNS entry for a site, it can be redirected to any server anywhere. There are a few ways this can be accomplished, but even though LinkedIn has acknowledged the issue as being DNS related they did not go into detail.

Once this is completely resolved, you will want delete all LinkedIn cookies from your system, log into your LinkedIn account and change your password.

Social
Source app
Channels Internet, Networking
Topics Security issue, Linkedin, Privacy and Security, Hijack, Social Networks
Related