Because manufacturers of IoT devices often assume that other devices on the same network are reliable, these devices by default use unencrypted HTTP services and trust commands sent from browsers, including malicious ones, which allows hackers to launch DNS rebinding attacks.

DNS rebinding primarily exploits security vulnerabilities in browsers, allowing remote hackers to bypass the victim’s firewall and use the browser as a medium for communication with the internal network.

To perform DNS rebinding, a hacker usually first sets up a custom DNS server for a malicious domain and then lures users into visiting that domain. The browser requests the DNS record for the domain, and the DNS server responds with an IP address that has an extremely short time to live (TTL), so the browser must make a DNS request again. This time the reply is a malicious IP address, but the browser still thinks it is visiting the same domain, and the DNS rebinding is complete.

The hacker can then use the browser as a springboard to access the IoT device in the same domain as the browser, for example to read the IoT device's information or to send commands to it, which can then establish a communication channel between the IoT device and the hacker's C&C server.
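On the defensive side, the sequence described above leaves a recognizable trace in resolver logs: a name that first resolves to an external address with a very short TTL and shortly afterwards to an internal one. The following Python sketch is an added example, not part of the original article; the log format, the thresholds and the sample records are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample DNS answer log: (epoch seconds, name, answer IP, TTL).
# Names and addresses are made up for this example.
SAMPLE_LOG = [
    (1000, "www.example.org", "198.51.100.10", 3600),
    (1002, "rebind.example.net", "203.0.113.5", 1),
    (1004, "rebind.example.net", "192.168.1.20", 1),
    (1010, "printer.corp.example", "10.0.0.15", 300),
    (1020, "cdn.example.com", "198.51.100.7", 30),
    (1080, "cdn.example.com", "198.51.100.8", 30),
]

MAX_TTL = 10     # assumed threshold for an "extremely short" TTL, in seconds
MAX_WINDOW = 60  # assumed maximum gap between the two answers, in seconds

# Address ranges treated as internal: RFC 1918, loopback and link-local.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]


def is_internal(ip):
    """True if the address falls inside one of the internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def find_rebinding(log):
    """Return (name, external_ip, internal_ip) for every name whose answer
    moved from a short-TTL external address to an internal address within
    MAX_WINDOW seconds."""
    last_external = {}  # name -> (timestamp, ip) of latest short-TTL external answer
    findings = []
    for ts, name, ip, ttl in sorted(log):
        if is_internal(ip):
            prev = last_external.get(name)
            if prev and ts - prev[0] <= MAX_WINDOW:
                findings.append((name, prev[1], ip))
        elif ttl <= MAX_TTL:
            last_external[name] = (ts, ip)
        else:
            # A normal-TTL external answer resets the state for this name.
            last_external.pop(name, None)
    return findings


if __name__ == "__main__":
    for name, ext, internal in find_rebinding(SAMPLE_LOG):
        print(f"possible DNS rebinding: {name} {ext} -> {internal}")
```

Names that legitimately resolve only to internal addresses, such as the printer record in the sample, are not flagged because no external answer precedes them.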

One of the reasons that hackers can take over IoT devices is that device manufacturers often assume that other devices on the same network are reliable, so by default these IoT devices use unencrypted HTTP services and trust commands sent from the browser, even malicious ones. Internal printers, for example, often run with default configurations and are ideal targets for DNS rebinding attacks. Once a printer is compromised, hackers can download files that it has scanned, stored or cached.

Armis estimates that 87 percent of switches, routers, or APs, 78 percent of streaming media devices, 77 percent of IP phones, 75 percent of surveillance cameras, 66 percent of printers, and 57 percent of smart TVs are exposed to DNS rebinding. It recommends that companies audit and inspect all internal IoT devices, conduct risk assessments for them, turn off unwanted services such as UPnP, change the HTTP server password on each IoT device, and update software regularly.

Article from: Libo mobile APP http://jumbotex.com.tw/