"Danger Caused by Subdomains"
A team of researchers from the Security & Privacy Research Unit at TU Wien and Ca' Foscari University discovered a new security vulnerability associated with subdomains. Large websites often consist of several subdomains (e.g., "sub.example.com" could be a subdomain of the website "example.com"). There are certain tricks that hackers could use to take control over such subdomains. The team analyzed the vulnerability and the scope of the problem. They studied 50,000 of the world's most popular websites and discovered 1,520 vulnerable subdomains. One might think that access to a subdomain is possible only if the administrator of the website explicitly allows it, but this is a misconception. A subdomain often points to another website physically stored on completely different servers. The owner of the website "example.com" may use an existing blogging service to add a blog to the website instead of building it from scratch. Therefore, the subdomain "blog.example.com" is connected to another site. The address bar would show the correct subdomain "blog.example.com," but the data will come from a different server. When this link is no longer valid, it will point to an external page that is not there. This presents the problem of dangling records, which are loose ends within the network of a website that provide ideal attack points. If these dangling records are not removed, attackers can use them to set up their own malicious page that appears as a legitimate subdomain. This article continues to discuss the researchers' findings surrounding the security vulnerability associated with subdomains.