New Smart Devices Still Vulnerable to Age-Old DNS Rebinding Attack

As technology becomes more advanced, so do cyber security attacks. It seems hackers are always coming up with new, sneakier ways to infiltrate networks and steal information. But some attacks have stood the test of time—and one of these is a trick called DNS rebinding.

Hackers have been using this devious tactic since 2007—practically ancient history in tech-time—but it’s recently resurfaced. Earlier this year, a number of big-brand smart devices were listed as especially vulnerable to this type of attack—Google Home, Roku, and Chromecast among them.

Unfortunately, millions of smart devices could still be at risk of a DNS rebinding attack—and your devices could be among them. Here’s what you need to know to avoid falling victim to this decade-old threat.

What is a DNS rebinding attack?

In a DNS rebinding attack, an attacker first creates a malicious web page or posts a malicious ad on a legitimate page. Anyone who visits that page will be exposed to a script that infiltrates their device’s firewall and gains control of their router.

From there, the attacker can communicate directly with smart devices connected to the router—which might include printers, switches, media streaming players, wireless speakers, IP cameras and phones, and smart TVs. The owner might never know their device is compromised—until something goes horribly wrong.

Who is affected by these attacks?

Just because a smart device is new doesn’t mean it’s safe from this old trick. Vulnerable products include smart devices from Apple, Google, Sonos, Roku, Dell, GoPro, Sony, Samsung, and many more. That equates to about 496 million devices at risk.

A DNS rebinding attack is bad enough for an individual, but for a business, it can be devastating. An attacker who accesses a business’ printer, for example, can steal information by downloading documents that have been scanned, cached, or stored on the printer.

Through DNS rebinding attacks, hackers can read and modify data, gain account privileges, and execute unauthorized commands—wreaking havoc with just a few clicks.

How can you prevent a DNS rebinding attack?

Like most cyber security attacks, some of the best prevention methods for DNS rebinding involve changing passwords regularly, disabling services that aren’t needed (like UPnP), and keeping your security software updated. Make sure your passwords and usernames aren’t simply the default ones that came with your device—“password” is not a strong password—and check that they’re unique across all devices and apps.

Since DNS rebinding attacks access the victim’s network through JavaScript, installing the NoScript plugin for JavaScript is another means of protection. You can also change the settings on your router’s admin console to disable access from an external network.

A cyber attack can cause significant damage to your business or personal life, and that’s damage that could end up costing you a great deal of time and money. If you want to tighten your company’s cyber security, eMazzanti can help. We offer robust solutions to help protect your sensitive data and keep your organization safe from both emerging and tried-and-tested cyber attacks, including DNS rebinding. Contact us for more information.