Hackers are exploiting a flaw in the Internet’s architecture, targeting systems which convert URLs into IP addresses.
According to the finder, exploiting the vulnerability would allow hackers to launch denial of service attacks on websites and potentially force them offline and threaten the smooth running of Internet services.
The weakness comes from a variety of Domain Name System (DNS) software called Bind, which is used in the majority of servers. The bug enables hackers to target the Bind software, crashing it and taking the DNS service offline and preventing URLs from working. A patch for the flaw is already available, however many systems are still to be updated.
Daniel Cid, a networking expert at Sucuri commented on the vulnerability and told the BBC: “A few of our clients, in different industries, had their DNS servers crashed because of it. Based on our experience, server software, like Bind, Apache, OpenSSL and others, do not get patched as often as they should. “
In a recent tweet the developers of Bind, the Internet Systems Consortium (ISC) said that the bug was particularly critical, broadly applicable and easily exploited.
It has been reported that ‘average internet users’ won’t witness much disruption.