The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
tl;dr
If you use cloud DNS, and the zone is later deleted without also changing the domain’s DNS, that domain is still set up for use but has no account with a zone file to control it.
At many cloud providers anyone can create a DNS zone for that domain and take full control.
https://thehackerblog.com/the-orpha...-cloud-rackspace-and-digital-ocean/index.html
Conclusion
This vulnerability is a systemic issue which affects all major managed DNS providers. It is very likely that more providers are affected which are not mentioned here. All managed DNS providers are encouraged to check their own implementations for this issue and patch/notify customers as soon as possible.
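A defensive check for the condition described in the tl;dr, as an added example that is not part of the original post or the linked article: it audits your own domains for delegations that still point at a managed-DNS provider whose nameservers no longer host the zone. The nameserver patterns, the `probe` callback, the status names and all sample data are assumptions constructed for illustration.

```python
import re

# Illustrative nameserver hostname patterns for the providers named in the
# post's title (assumed here, not taken from the page).
MANAGED_NS = re.compile(
    r"(\.awsdns-\d+\.(com|net|org|co\.uk)|\.googledomains\.com"
    r"|\.digitalocean\.com|\.stabletransit\.com)\.?$", re.I)

def ns_is_lame(answer):
    """A server hosts the zone only if it answers the SOA query
    NOERROR with the authoritative (AA) flag set."""
    return not (answer["rcode"] == "NOERROR" and answer["aa"])

def audit(delegations, probe):
    """delegations: {domain: [NS hostnames listed at the parent zone]}
    probe(domain, ns) -> {"rcode": str, "aa": bool} for an SOA query.
    Returns {domain: "ok" | "orphaned" | "degraded"}."""
    report = {}
    for domain, servers in delegations.items():
        lame = [ns for ns in servers if ns_is_lame(probe(domain, ns))]
        managed_lame = [ns for ns in lame if MANAGED_NS.search(ns)]
        if not lame:
            report[domain] = "ok"
        elif len(managed_lame) == len(servers):
            # Every delegated NS is a provider NS that has no zone for us.
            report[domain] = "orphaned"
        else:
            report[domain] = "degraded"
    return report

# Constructed sample data standing in for live SOA queries.
REFUSED = {"rcode": "REFUSED", "aa": False}
HOSTED = {"rcode": "NOERROR", "aa": True}
SAMPLE_DELEGATIONS = {
    "healthy.example": ["ns-101.awsdns-12.com", "ns-1500.awsdns-59.org"],
    "deleted-zone.example": ["ns1.digitalocean.com", "ns2.digitalocean.com"],
    "half-moved.example": ["ns-cloud-a1.googledomains.com", "ns1.selfhosted.example"],
}
SAMPLE_ANSWERS = {
    ("healthy.example", "ns-101.awsdns-12.com"): HOSTED,
    ("healthy.example", "ns-1500.awsdns-59.org"): HOSTED,
    ("deleted-zone.example", "ns1.digitalocean.com"): REFUSED,
    ("deleted-zone.example", "ns2.digitalocean.com"): REFUSED,
    ("half-moved.example", "ns-cloud-a1.googledomains.com"): REFUSED,
    ("half-moved.example", "ns1.selfhosted.example"): HOSTED,
}
def sample_probe(domain, ns):
    return SAMPLE_ANSWERS[(domain, ns)]

if __name__ == "__main__":
    print(audit(SAMPLE_DELEGATIONS, sample_probe))
```

A domain reported as `orphaned` should have its registrar nameservers changed or its zone recreated in your own account before anything else.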