All Hacking Tools And Hacking Tutorials Are Only For Education Purposes,..

What is Pharming Attack?

Unknown  Hacking-Tutorials, Website Hacking  No comments

 

What is Pharming Attack? -DNS Poisoning

I hope you know about Phishing attacks. In phishing attack, the user will be tricked to visit a fake page by sending scam emails.  If you clever to notice the url of the site, you will find the url is not original one.  So , it is possible for a user to detect the phishing attack by verifying the url. But hacker can bring the phishing attack to the next level with the pharming attack.

What is Pharming?
Pharming attack will redirect to the fake(phishing) page even though user enter the correct address. For Eg: facebook.com will show the fake page instead.The term pharming is a derived from farming and phishing. In recent years both pharming and phishing have been used for online identity theft information. Pharming has become of major concern to businesses hosting ecommerce and online banking websites
How does it works?
Method 1: DNS Poisoning: 

1. Attacker hacks into the DNS server and changes the IP address for www.targetsite.com to IP of www.targetsite1.com (Fake page).

2. So if the user enter the URL in address bar, the computer queries the DNS server for the IP address of www.targetsite.com. 

3. Since the DNS server has already been poisoned by the attacker, it returns the IP address of www.targetsite1.com(fake page).

4. The user will believe it is original website but it is phishing page. 

Method 2: HOSTS file Modification:
This method is local DNS poisoning. 
What is host file?
     The host file contains Domain Name and IP address associated with them.  Your host file will be in this path:
C:\Windows\System32\drivers\etc\
It will change the fields of hosts so that original website will point to some other fake page.
Other types of pharming attacks involve Trojan horses, worms or other technologies that attack the browser address bar, thus redirecting you to a fraudulent website when you type in a legitimate address.

Instances of Pharming:
In January 2005, the domain name for a large New York ISP, Panix, was hijacked to point to a site in Australia. No financial losses are known.

In January 2008, Symantec reported a drive-by pharming incident directed against a Mexican bank in which the DNS settings on a customer's home router were changed after receipt of an e-mail that appeared to be from a legitimate Spanish-language greeting card company

In a poisoning attack in early March 2010, requests from more than 900 unique Internet addresses and more than 75,000 e-mail messages were redirected, according to log data obtained from compromised Web servers that were used in the attacks, says PC Mag.

Prevention over Pharming:
  • Use some Anti Phishing Addons for Mozilla to detect phishing webpages.
  • Use spoostick Addon that will detect the fake pages
  • Use Internet Security Software(kaspersky, BullGuard Internet Security)

Please Share This Post With Your Frinds :) FOCSoft
SOCIALIZE IT →
FOLLOW US →
SHARE IT →

0 Comments:

Post a Comment

If you're having issues, Please leave an email address I can contact you on -
I advise you to also "subscribe to the comment feed" and get email updates when I respond to your question.

Hyperlinks are not allowed, Spam/advertising comments will NEVER BE TOLERATED and will be deleted immediately!

Thanks for reading,
Administrator Of FOCSoft

Subscribe to: Post Comments (Atom)

Stay Updated With Facebook
Please Click Like Button

Receive Free Updates (EMail):

Powered By FOCSoft

 

Copyright © 2013 FOCSOFT All Rights Reserved By:- Muhammad Shahbaz