Thanks to a bug at some of the internet’s largest domain registrars, bad actors were able to register malicious domains until just late last month.
If I told you to click on this URL, amɑzon.com, and log in for a great limited-time deal over at Amazon, would you notice it wasn’t really Amazon’s domain name?
Hover over it, give it a click. You’ll find that it actually directs you to xn--amzon-1jc.com. Why? Look closely and you’ll notice that the second “a” and the “o” aren’t actually the letters “a” and “o” from the Latin alphabet, which is what’s used in the English language.
It’s not supposed to be possible to register these domain names due to the malicious attacks they could be used for. Many web browsers change the characters in the URL from Unicode to Punycode, as seen in the earlier example, for that very reason.
The zero-day, or previously unknown, bug was discovered by Matt Hamilton, a security researcher at Soluble, in partnership with the security firm Bishop Fox.
According to Hamilton’s research, he was able to register dozens of names using Latin homoglyphs, basically a character that looks like another character. Verisign, Google, Amazon, DigitalOcean, and Wasabi were among the affected companies allowing the registration of these names.
“Between 2017 and today, more than a dozen homograph domains have had active HTTPS certificates,” writes Hamilton. “This included prominent financial, internet shopping, technology, and other Fortune 100 sites. There is no legitimate or non-fraudulent justification for this activity.”
Hamilton held his report for publication until Verisign, the company that runs the domain registries for prominent generic top-level domain (gTLD) extensions like .com and .net, fixed the issue. The research was only conducted on gTLDs run by Verisign. He states that among all the vendors he contacted, Amazon and Verisign in particular took the issue very seriously.
In the Cyrillic alphabet specifically, there are a number of letters that look nearly identical to letters in the Latin alphabet. For example, here’s the character for “a” in Latin. Here’s the character for “ɑ” in Cyrillic.
Combining these homoglyph characters with the Latin alphabet in a domain name could create a URL that looks very much like one that’s already registered by another company, such as the fake Amazon domain mentioned earlier.
Hackers could use these domain names to create phishing websites that look like legitimate sites for services like Gmail or PayPal. Such a site could then steal a user’s website password or credit card information.
Hamilton was able to register the following domain names thanks to this bug:
amɑzon.com
chɑse.com
sɑlesforce.com
ɡmɑil.com
ɑppɩe.com
ebɑy.com
ɡstatic.com
steɑmpowered.com
theɡuardian.com
theverɡe.com
washinɡtonpost.com
pɑypɑɩ.com
wɑlmɑrt.com
wɑsɑbisys.com
yɑhoo.com
cɩoudfɩare.com
deɩɩ.com
gmɑiɩ.com
gooɡleapis.com
huffinɡtonpost.com
instaɡram.com
microsoftonɩine.com
ɑmɑzonɑws.com
ɑndroid.com
netfɩix.com
nvidiɑ.com
ɡoogɩe.com
In total, he spent $400 to register the domain names that could be used to scam people out of much, much more.
Internationalized domain names, or IDNs, have become popular in recent years. These domains allow users around the world to register names using their native language, such as Greek or Japanese, where you may find non-Latin characters.
However, malicious actors quickly discovered ways to use IDNs for attacks.
As Bleeping Computer points out, the Internet Corporation for Assigned Names and Numbers (ICANN), the organization that manages the web's domain name system, has IDN guidelines that state domain registrars should not allow domains to be registered using a combination of different alphabets, for this very reason.
It's not a new practice, though. The Register notes how homograph attacks have been an issue for the web for 15 years.
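As an added example that is not part of the article or of Hamilton's research, the Python below does the two checks the pieces above describe: it converts a Unicode name to the xn-- (Punycode) form a browser shows, and it flags a lookalike by folding confusable letters to the ASCII letter they resemble. It also applies the ICANN mixed-alphabet rule, which shows why that rule alone did not stop these registrations: the letters in amɑzon.com and ɡoogɩe.com are Latin-script characters, so the labels do not mix alphabets. The function names, the tiny confusables table and the test domains are assumptions constructed for this example; the Unicode confusables list (UTS #39) is the real source of such a table.

```python
"""Homograph domain checks: Unicode <-> Punycode and lookalike detection."""
import unicodedata
from typing import Iterable, Optional, Set

# Constructed confusables table for this example. The first three are
# Latin-script letters (not Cyrillic) that render almost identically to
# ASCII letters; the full list lives in Unicode UTS #39 confusables.txt.
CONFUSABLES = {
    "\u0251": "a",  # LATIN SMALL LETTER ALPHA, as in amɑzon.com
    "\u0261": "g",  # LATIN SMALL LETTER SCRIPT G, as in ɡoogɩe.com
    "\u0269": "l",  # LATIN SMALL LETTER IOTA, as in pɑypɑɩ.com
    "\u0430": "a",  # CYRILLIC SMALL LETTER A, the classic mixed-script case
}


def to_ascii(domain: str) -> str:
    """Encode a Unicode domain the way a browser's address bar does:
    every non-ASCII label becomes xn-- plus its Punycode form."""
    labels = []
    for label in domain.lower().split("."):
        if label.isascii():
            labels.append(label)
        else:
            labels.append("xn--" + label.encode("punycode").decode("ascii"))
    return ".".join(labels)


def from_ascii(domain: str) -> str:
    """Reverse of to_ascii: decode xn-- labels back to Unicode."""
    labels = []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            labels.append(label[4:].encode("ascii").decode("punycode"))
        else:
            labels.append(label)
    return ".".join(labels)


def scripts_in(label: str) -> Set[str]:
    """Script names (first word of the Unicode character name) of the
    letters in a label, e.g. {'LATIN'} or {'CYRILLIC', 'LATIN'}."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}


def is_mixed_script(domain: str) -> bool:
    """The ICANN guideline check: does any label mix alphabets?
    Accepts either Unicode or xn-- input."""
    return any(len(scripts_in(label)) > 1 for label in from_ascii(domain).split("."))


def skeleton(text: str) -> str:
    """Fold confusable characters to the ASCII letter they resemble."""
    normalized = unicodedata.normalize("NFKC", text)
    return "".join(CONFUSABLES.get(ch, ch) for ch in normalized)


def lookalike_of(domain: str, protected: Iterable[str]) -> Optional[str]:
    """Return the protected domain that `domain` visually impersonates,
    or None when it is the real name or unrelated. Accepts either
    Unicode or xn-- input, so it can run over registration or DNS logs."""
    unicode_form = from_ascii(domain)
    folded = skeleton(unicode_form)
    if folded == unicode_form:
        return None  # nothing was folded: the real name, or not a lookalike
    return folded if folded in set(protected) else None


if __name__ == "__main__":
    brands = {"amazon.com", "google.com", "paypal.com"}  # constructed watch list
    for name in ("am\u0251zon.com", "\u0261oog\u0269e.com", "amazon.com", "\u0430mazon.com"):
        print(name, to_ascii(name), is_mixed_script(name), lookalike_of(name, brands))
```

Running the block prints one line per constructed name: amɑzon.com encodes to xn--amzon-1jc.com, is not mixed-script, and folds to amazon.com; the Cyrillic variant is caught by both the mixed-script rule and the fold. A registrar-side or SOC-side deployment would swap the hand-built table for the full UTS #39 data and the brand set for its own protected-names list.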
As for amɑzon.com, or should I say xn--amzon-1jc.com, Hamilton has since transferred the domain to Amazon, the company that can be found at the real amazon.com.