SoylentNews is people

posted by martyb on Thursday March 05 2020, @01:10AM
from the seeing-is-mis-believing dept.

Arthur T Knackerbracket has found the following story:

Researchers at Soluble today said they worked with Verisign to thwart the registration of domain names that use homoglyphs – non-Latin characters that look just like letters of the Latin alphabet – to masquerade as legit domains.

[...] There have been a number of efforts over the years, most recently in 2017, we reckon, to rid the internet of homograph abuse once and for all.

In the most recent case, it was found that the Unicode Latin IPA Extension characters could be, and were being, exploited to set up lookalike domains.

"Between 2017 and today, more than a dozen homograph domains have had active HTTPS certificates," noted Soluble researcher Matt Hamilton. "This included prominent financial, internet shopping, technology, and other Fortune 100 sites. There is no legitimate or non-fraudulent justification for this activity."

Normally, it would not be possible to register domains with mixed scripts, as Verisign put protections in place years ago. However, the researchers found that those protections did not extend to Unicode Latin IPA, meaning that prior to Verisign updating its filters after being tipped off by Soluble, the characters could be used to set up lookalike URLs.

[...] "While it is unlikely that you, the reader, were attacked with this technique," Hamilton notes, "it is likely that this technique was used in highly targeted social-engineering campaigns."

-- submitted from IRC

The most notable of these confusables are:

Latin: a g l
IPA: ɑ ɡ ɩ

It is much easier to tell them apart when the confusables are shown adjacent to each other. In the spoiler below, only one of the entries is correct... how long does it take you to figure out which one it is?

  1. google.ɑpis
  2. ɡoogle.ɑpis
  3. ɡoogle.apis
  4. gooɡle.apis
  5. google.apis
  6. ɡooɡle.ɑpis
  7. ɡooɡle.apis
  8. gooɡle.ɑpis

Are you sure? This is the number of the correct entry:

Are you really sure?
Did you pick number 6?
That was wrong. It was number 5.
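
A defender-side check for the three confusables listed above, added here as an example (it is not code from the article, Soluble or Verisign). It flags characters from the Unicode IPA Extensions block, folds them to the Latin letters they imitate, and compares the result against a watchlist. The function names, the watchlist and the name-based script guess are assumptions made for illustration.

```python
import unicodedata

# IPA Extensions block (U+0250..U+02AF), the range the article says the
# registry's mixed-script protections did not cover.
IPA_EXT = range(0x0250, 0x02B0)

# Only the three confusables named on this page; a real filter would use the
# full Unicode confusables data (UTS #39) rather than this short map.
PAGE_CONFUSABLES = {"\u0251": "a", "\u0261": "g", "\u0269": "l"}

def name_script(ch):
    """Naive script guess (assumption): first word of the Unicode name."""
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def ipa_hits(domain):
    """Return (index, codepoint, Unicode name) for each IPA Extensions char."""
    return [(i, f"U+{ord(c):04X}", unicodedata.name(c, "UNKNOWN"))
            for i, c in enumerate(domain) if ord(c) in IPA_EXT]

def skeleton(domain):
    """Fold the page's confusables to the Latin letters they imitate."""
    return "".join(PAGE_CONFUSABLES.get(c, c) for c in domain.lower())

def classify(domain, watchlist):
    """'exact', 'lookalike' (folds onto a watched name) or 'unrelated'."""
    if domain in watchlist:
        return "exact"
    if skeleton(domain) in watchlist and ipa_hits(domain):
        return "lookalike"
    return "unrelated"

# The eight quiz entries above, retyped with explicit escapes so the
# substituted letters are visible in the source.
QUIZ = [
    "google.\u0251pis", "\u0261oogle.\u0251pis", "\u0261oogle.apis",
    "goo\u0261le.apis", "google.apis", "\u0261oo\u0261le.\u0251pis",
    "\u0261oo\u0261le.apis", "goo\u0261le.\u0251pis",
]

if __name__ == "__main__":
    watch = {"google.apis"}  # hypothetical watchlist of names to protect
    for n, d in enumerate(QUIZ, 1):
        scripts = sorted({name_script(c) for c in d if c.isalpha()})
        print(n, d, classify(d, watch), scripts, ipa_hits(d))
```

Every entry reports only `LATIN` from the name-based guess, because the IPA characters carry "LATIN SMALL LETTER ..." names; the block-range test is what separates entry 5 from the other seven.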
