Following the news that DNS hijacking vulnerability targets Google analytics. ESET provides its analysis on it.
ESET has analysed a Potentially Unwanted Application (PUA), named DNS Unlocker, hijacking victims’ computers to use rogue DNS servers. When the victims’ browsers look for google-analytics.com the rogue DNS server will point to a malicious server injecting additional JavaScript. This is done so that advertisements by DNS Unlocker are inserted into web pages using Google Analytics.
DNS hijackers are nothing new, nor usually even worthy of comment. What makes these recent versions of DNS Unlocker interesting is the trick they use to surreptitiously configure the victim’s computer’s DNS settings.
ESET provides a full explanation of the findings in a new blog post: http://www.welivesecurity.com/
[su_box title=”About ESET®” style=”noise” box_color=”#336588″][short_info id=’60260′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.