Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Submission Preview

Link to Story

The holy grail in computer hacking

Accepted submission by Ayn Anonymous at 2015-08-23 02:21:14
Security

Ayn Anonymous [soylentnews.org] writes:

Let's assume the information about the Windows 10 key logging [soylentnews.org] is true.
Access to this key logger data is the holy grail in computer hacking.
A dream of every "commercial" hacker. This means you can fully automated generate Fullz [wikipedia.org] each at the moment $35 USD worth.
45 mio. (of 1.5 billion, data from 11-Aug-2015, strong growing) Windows 10 systems at the moment.
The average DNS bit-flip error rate is 1 in 100,000 requests. See Bitsquatting: DNS Hijacking without exploitation [dinaburg.org]
And this are only 1 bit-flips. As it turned out multiple bit flips are even more common than single bit-flips.
This means at least 450 wrong DNS requests from this 45 mio. Windows 10 users. Per domain.
3 domains (nsatc.net, footprintpredict.com, microsoft.com) Wrong requests every day: (A record TTL):
nsatc.net=3 h, footprintpredict.com=0.5 h, microsoft.com=2 h == (24/3*450)+(24/0.5*450)+(24/3*450)==30,600

Not all DNS Bitquatting domains have equal value. The order of bit flipping probability is 0,6,(1+2),8,(3+13),14,12,15,(4+5),(7+9+11),10
The bit in position #0 is 100 times more likely to be flipped than one in position #10
If someone like to exact calculate what are the most likely single and multi bit-flip bitquatting names are, here: Observations on checksum errors in DNS queries [verisigninc.com] are all the data you need to do this.

What single bit-flip bitquatting names are free and which are taken ?
(the taken and connected ones are listed with the IP and country)

osatc.net lsatc.net
jsatc.net,62.210.16.62,France
fsatc.net,91.250.71.229,2a01:488:42:1000:5bfa:47e5:11:7fd7,Germany
nratc.net nqatc.net
nwatc.net,192.64.119.41,United States
ncatc.net n3atc.net nsctc.net
nsetc.net,74.208.56.145,United States
nsitc.net,184.168.221.41,United States
nsqtc.net nsauc.net nsavc.net
nsapc.net,50.63.202.16,United States
nsadc.net,66.29.208.61,United States
nsa4c.net nsatb.net nsata.net nsatg.net nsatk.net nsats.net

gootprintpredict.com dootprintpredict.com bootprintpredict.com nootprintpredict.com vootprintpredict.com fnotprintpredict.com fmotprintpredict.com fkotprintpredict.com fgotprintpredict.com fontprintpredict.com fomtprintpredict.com foktprintpredict.com fogtprintpredict.com foouprintpredict.com foovprintpredict.com foopprintpredict.com foodprintpredict.com foo4printpredict.com footqrintpredict.com footrrintpredict.com foottrintpredict.com footxrintpredict.com foot0rintpredict.com footpsintpredict.com footppintpredict.com footpvintpredict.com footpzintpredict.com footpbintpredict.com footp2intpredict.com footprhntpredict.com footprkntpredict.com footprmntpredict.com footprantpredict.com footpryntpredict.com footpriotpredict.com footpriltpredict.com footprijtpredict.com footpriftpredict.com footprinupredict.com footprinvpredict.com footprinppredict.com footprindpredict.com footprin4predict.com footprintqredict.com footprintrredict.com footprinttredict.com footprintxredict.com footprint0redict.com footprintpsedict.com footprintppedict.com footprintpvedict.com footprintpzedict.com footprintpbedict.com footprintp2edict.com footprintprddict.com footprintprgdict.com footprintpradict.com footprintprmdict.com footprintprudict.com footprintpreeict.com footprintprefict.com footprintprelict.com footprintpretict.com footprintpredhct.com footprintpredkct.com footprintpredmct.com footprintpredact.com footprintpredyct.com footprintpredibt.com footprintprediat.com footprintpredigt.com footprintpredikt.com footprintpredist.com footprintpredicu.com footprintpredicv.com footprintpredicp.com footprintpredicd.com footprintpredic4.com

licrosoft.com,216.21.224.199,United States
oicrosoft.com,52.74.200.167,Singapore
iicrosoft.com
eicrosoft.com,103.31.75.164,Hong Kong
-icrosoft.com mhcrosoft.com
mkcrosoft.com,72.52.4.91,United States
mmcrosoft.com
macrosoft.com,50.63.202.28,United States
mycrosoft.com,208.91.197.104,Virgin Islands
mibrosoft.com,209.15.13.134,United States
miarosoft.com,52.74.200.167,Singapore
migrosoft.com
mikrosoft.com,65.55.39.10,United States
misrosoft.com,103.224.182.217,Australia
micsosoft.com,65.55.39.10,United States
micposoft.com micvosoft.com miczosoft.com
micbosoft.com,127.0.0.1,cloudflare.com
mic2osoft.com,52.74.200.167,Singapore
micrnsoft.com
micrmsoft.com,192.168.1.1
micrksoft.com,184.168.221.45,United States
micrgsoft.com,184.187.12.126,United States
microroft.com,50.63.202.54,United States
microqoft.com,65.55.39.10,United States
microwoft.com,54.174.31.254,United States
microcoft.com,185.53.177.9,Germany
micro3oft.com,23.21.201.35,United States
microsnft.com,184.187.12.126,United States
microsmft.com,184.187.12.126,United States
microskft.com microsgft.com
microsogt.com,141.8.225.73,Switzerland
microsodt.com,64.4.6.100,United States
microsobt.com,173.201.216.42,United States
microsont.com
microsovt.com,208.91.197.104,Virgin Islands
microsofu.com microsofv.com microsofp.com
microsofd.com,52.5.65.198,United States
microsof4.com

I'm totally surprised that not all of them are already taken.
Does Microsoft care ? Of course not.

Original Submission