A cyber-security firm by the name of Armis has warned that nearly half a billion smart devices are vulnerable to DNS rebinding. DNS rebinding is a decade-old security vulnerability that attackers exploit to make a device access an unintended domain by tricking the browser.
The problem is that web browsers use URLs to enforce the same-origin policy (SOP) but use IP addresses to send requests. So if a malicious website changes its IP, it can easily circumvent SOP, bypassing a victim’s network firewall and turning their web browser into a proxy to communicate directly with vulnerable devices on the local network. That’s it in a nutshell.
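A defender-side illustration of the mechanism above, added here and not taken from Armis or the original article: a detector that scans resolver logs for an external hostname that answers with a public address and then with an internal one shortly afterwards. The log format, hostnames, addresses and the `.corp.example` internal zone are constructed assumptions.

```python
import ipaddress

# Address ranges treated as "internal": RFC 1918, loopback, link-local.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16",
)]

# Constructed resolver log: (epoch seconds, queried name, answer IP, TTL).
SAMPLE_LOG = [
    (1000, "cdn.example.com", "198.51.100.34", 300),
    (1000, "rebind.example.net", "203.0.113.10", 1),
    (1004, "rebind.example.net", "192.168.1.20", 1),
    (1010, "printer.corp.example", "10.0.0.15", 3600),
    (1300, "cdn.example.com", "198.51.100.35", 300),
]

def is_internal(ip):
    """True if the address falls inside one of INTERNAL_NETS."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def find_rebinding(log, window=60, internal_zones=(".corp.example",)):
    """Flag names that answered with a public IP and then with an
    internal IP within `window` seconds (the rebinding flip)."""
    last_public = {}   # name -> (timestamp, public IP) of latest public answer
    findings = []
    for ts, name, ip, _ttl in sorted(log):
        if name.endswith(internal_zones):
            continue   # internal names legitimately resolve to internal IPs
        if not is_internal(ip):
            last_public[name] = (ts, ip)
            continue
        seen = last_public.get(name)
        if seen and ts - seen[0] <= window:
            findings.append((name, seen[1], ip, ts - seen[0]))
    return findings

if __name__ == "__main__":
    for name, pub, priv, gap in find_rebinding(SAMPLE_LOG):
        print(f"possible rebinding: {name} {pub} -> {priv} after {gap}s")
```

A DNS resolver that refuses to return internal addresses for external names blocks the same flip at resolution time instead of reporting it afterwards.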
We had previously written a story where a programmer by the name of Brannon Dorsey used DNS rebinding to hack into connected devices, in which we explain in detail how the attack works. If you’re curious to read up on DNS rebinding, please check out the article here.
Following the investigation, experts are saying that nearly all types of smart devices are vulnerable to DNS rebinding – think smart TVs, routers, printers, surveillance cameras, and smart assistants. Here’s a breakdown:
Armis said that enterprises are particularly vulnerable to these attacks, as almost half a billion of these devices are used in the workplace.
The research team estimated the number of vulnerable devices in enterprises worldwide at nearly half a billion, 496 million to be exact. The breakdown is as follows:
Following Dorsey’s discovery, device manufacturers such as Roku and Sonos started working on patches. But it’s hard to imagine that all device manufacturers will follow suit. Perhaps a better course of action would be to rethink how browsers and DNS servers work, but that feels equally far-fetched.