By Robert McMillan and Owen Fletcher
IDG News Service
November 17, 2009
Fraudsters may have a hot deal waiting for them in the form of an
obscure Chinese domain name that's for sale on the Internet.
The wpad.cn domain is for sale, according to a note posted on the Web
site. That fact probably doesn't mean much to most people, but to Duane
Wessels it's a big deal. He says that if it fell into criminal hands it
could be misused for phishing or other types of fraud.
Wessels, the president of Measurement Factory, owns five wpad domains --
wpad.com, wpad.net, wpad.org, wpad.biz and wpad.us. Between them, he
gets 5 million hits per day. Most of them come from Windows computers
erroneously looking for network configuration information, thanks to a
decade-old Windows bug that Microsoft first fixed in 1999.
Nobody knows why sites like Wessels' continue to get so much traffic
long after Microsoft patched the flaw. He thinks it may come from old
versions of Windows, obscure programs with built-in Web components, or
perhaps even misconfigured servers on the network. Microsoft did not
respond to a query about the issue on Tuesday.
According to Wessels, if criminals were to take control of the wpad.cn
domain they could set themselves up as a proxy Web server for their
victims, redirecting them to a phishing site or sneaking unwanted ads
onto their computers.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News