Home
Tech
A small tweak gave researchers a powerful web-domain capability that could prove incredibly useful to hackers.

A small tweak gave researchers a powerful web-domain capability that could prove incredibly useful to hackers.

A cybersecurity researcher recently stumbled upon an Internet vulnerability that allowed him to sniff people's email, execute code on servers and even spoof HTTPS certificates – giving him so many options that he's been described as having “superpowers”.

The vulnerability is pretty simple: an expired domain that keeps getting pinged by numerous servers. The domain in question is dotmobiregistry.net, which used to host the .mobi WHOIS server.

A WHOIS server provides information about domain name registration details and IP addresses. It is part of the WHOIS protocol, which is used to query databases that store ownership and registration information for domain names and network resources on the Internet. On the other hand, .mobi was a top-level domain (TLD) designed specifically for websites intended to be accessed via mobile devices. It was launched in 2006 and designed to ensure that websites hosted under this domain were optimized for viewing on mobile devices.

Move the WHOIS server

At some point, and no one seems to know when or why, the WHOIS server moved from whois.dotmobiregistry.net to whois.nic.mobi. When the CEO and founder of security firm watchTowr, Benjamin Harris, discovered this, he purchased the domain and used it to set up an alternative .mobi WHOIS server.

Over the next few days, Harris's doppelganger received millions of queries from hundreds of thousands of systems, including domain registrars, governments, universities and others.

This allowed him, for example, to dictate who receives TLS certificates.

“Now that we have the ability to issue a TLS/SSL certificate for a .mobi domain, we can, in theory, do all sorts of horrible things, from intercepting traffic to spoofing the target server,” Harris said in a white paper. “At this point, all sorts of threat models are gone. While we’re sure some may say we didn’t “prove” we could get the certificate, we think this would have been going too far, so nevermind.”

Through Ars Technica

More from TechRadar Pro

You may also like...

'Maybe TSMC should buy Arm': Sleeping giant that makes tens of millions of chips for Intel, Nvidia and AMD reveals staggering profits and hints at price hike to please shareholders

Published: July 28, 20246:07 am
Author admin

Quordle Today: Hints and Answers for Monday, October 21 (Game #1001)

Published: October 21, 20243:37 am
Author admin

How to get (AI versions of) Judy Garland or Burt Reynolds to read you

Published: July 3, 20248:29 pm
Author admin

Lenovo joins consumer SSD market with help from HP storage partner; although don't expect ultra-fast PCIe 5.0 or USB4 SSDs just yet

Published: January 24, 20247:14 pm
Author admin

Self-destructing USB flash drive ready to go on sale, and although it comes without encryption, at least this time there is no finger-licking to do

Published: February 17, 20244:08 am
Author admin

NYT Connections Today: Clues and Answers for Friday, September 6 (Game #453)

Published: September 6, 20242:22 am
Author admin

Advertisement

Latest Tech News

XO, Kitty Season 3: Everything we know so far about the return of the successful program to Netflix
Published: July 6, 20252:02 am
Author admin

Quordle suggests and answers for Sunday, July 6 (game #1259)
Published: July 5, 20254:01 pm
Author admin

This mini pc of $ 378 could be the best Windows alternative to Apple's Mac Mini at this time
Published: July 5, 20256:00 am
Author admin

Rock on! Marshall's big spear and headphones have reached super low prices in the first Amazon Prime Day offers
Published: July 4, 20257:59 pm
Author admin

'It needs to be a great threat': the star of season 3 of the Foundation, Pilou Asbaek, reveals how the mule differs from its counterpart from the book series in the Apple TV+ program
Published: July 4, 20259:58 am
Author admin

Popular Tech News

Quordle Today: Hints and Answers for Monday, January 1 (Game #707)
Published: January 1, 202412:51 am
Author admin

Samsung Galaxy S24 Ultra could come with a big video recording update
Published: January 1, 202411:01 am
Author admin

New Nothing Phone 2a leaks include images, prices, colors and specifications
Published: January 1, 20243:05 pm
Author admin

New year, new TV: LG’s C2 OLED drops to a whopping $1,399 price at Amazon
Published: January 1, 20247:09 pm
Author admin

Amazon’s massive New Year’s sale is on: here are the 29 best deals to shop right now
Published: January 1, 20249:11 pm
Author admin

Follow Us
twitter
facebook
Archives

July 2025

June 2025

May 2025

April 2025

March 2025

February 2025

January 2025

December 2024

November 2024

October 2024

September 2024

August 2024

July 2024

June 2024

May 2024

April 2024

March 2024

February 2024

January 2024

December 2023

November 2023

October 2023

August 2023

July 2023

June 2023

May 2023

April 2023

March 2023

February 2023

January 2023

December 2022

November 2022

October 2022

July 2022

May 2022

November 2021

August 2021

March 2021

August 2020