Page 6 - index
P. 6







Bitcoin case - How cybercriminals exploit typosquatting


How cyber criminals could exploit typosquatting? The case of MtGox proposed
by MalwareBytes, a fake domain used to serve malicious codes.


Typosquatting, also called URL hijacking, is a common form of hacking which relies on
mistakes such as typographical errors made by Internet users when typing the website
address into the address bar of their browser. Should a user accidentally enter an
incorrect website address, they may be led to URLs related to websites managed by
cybercriminals.


Criminals could operate substantially with two different techniques to exploit
typosquating:


 register domains having URLs similar to legitimate websites belonging to popular
brands.
 analyze the topic of interest in a particular period registering domain with URL similar to
legitimate website reporting the information of interest.

Let's wear the clothes of the cyber criminal and try to take advantage of the second
scenario, the first topic I have in mind is Bitcoin so let's verify if it could be a good idea
to exploit typosquatting on URL related to websites that propose information on the
popular virtual currency. Google Trends is a mine of information and looking at the
below graph it is possible to note an increasing interest on the topic confirmed by the
number of research on it. This means that a huge quantity of Internet users searches for
Bitcoin information and navigate on Bitcon website.






















Malwarebytes security firm published an interesting post titled "Typo Trouble in Bitcoin
Land" to show how much dangerous could be a typosquatting on the World’s Largest
Bitcoin exchange Mt. Gox.


Looking at the image below it is possible to not that cybercriminals exploited the error
made by users typing "mtegox(.)com" instead "mtgox.com".


6 Cyber Warnings E-Magazine – December 2013 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
   1   2   3   4   5   6   7   8   9   10   11