Pay per click hijacking

Interesting article at on pay per click hijacking, which is really an extension on old DNS poisoning attacks. Essentially the DNS poisoning attack works like this…

Every domain name on the internet is really just an easy way to access the machine address or IP address. So right now resolves to for me and they have a round-robin record of sorts I think, so that I could check a few times and get a few different addresses, all under the control of and all legitimate. This lookup that happens though happens on Nameservers that are supposed to keep an accurate index of where these domains point. The catch comes when someone is able to poison the information in these nameservers. Let’s say someone is able to poison the server for to point to which is really under control of The page is made to resemble google and instead of google search results the search results are afilliate ads.

Under this scenario, gets a lot of traffic, gets lot’s of clicks (ad revenue from their affiliate ads.) In time things get righted and it’s hard to trackdown slimeyfraudsters. What can you do to protect against DNS hijacking. Not a lot really, this is something that ISP’s need to be concerned about. Obviously from time to time sites will do a redesign, but if something looks terribly amiss with a particular site. (CNN replaced with ads for who knows what), you might want to contact your ISP if things are terribly amiss. Unfortunately, they may suspect you have spyware and send you on a quest of cleaning up your own machine before you point the finger at them. Normally this kind of poisoning gets sorted out relatively quickly. It’s something worth being aware of though.
CNet news is reporting on this story as well.

Related Posts

Blog Traffic Exchange Related Posts
  • The Google Problem, or why I'm starting to use MSN and Yahoo more. This weekend has been a bit of an introspective for me on why google is still the primary search engine I use. I know, I've been a big "fan(?)" of google for quite some time, I've obviously incorporated many of their products into my pages and used Google for 99%......
  • Another IE security flaw this one could lead to data theft I saw this earlier this afternoon at there seems to be a flaw in the way Internet Explorer deals with css that could put your data at risk. According to this article it is a risk combined with Google Desktop. This can be "fixed" by disabling scripting or using......
  • Network security - what does arp spoofing mean for wireless? So, if you haven't already had enough cause to tighten your wireless security.... we've been talking about arp poisoning (spoofing) and the basic conclusion is that IF an attacking machine is on the same subnet as your machine (same IP address range), they can "own" all traffic from you machine......
Blog Traffic Exchange Related Websites
  • Ad Revenue From Corporate Blogs Many companies don’t consider the fact that they could actually make money from their blogs. The popularity of online advertising has made it easy to include ads from all over the world, and Google Ads in particular make it very easy to target your readers with advertisements that they will......
  • How To Make An Easy $25 & Other Blog Monetizing Tips AuctionAds is running a promotion. Just sign up to display Auction ads on your site and you'll get $25. Not only that, if you refer anyone, you get 5% of their income for the first 6 months too.It takes less than 5 minutes to sign up and you can modify......
  • New Google Ads on YouTube, Maps, and Even Games Google recently announced that additional contextual advertisements will be displayed on YouTube. Google will be providing links to relevant iTunes and products that are related to the videos. For instance, if you hear a catchy soundtrack on the video, you might see a link to purchase it on iTunes.......    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

Comments are closed.

Switch to our mobile site