Someone's Been Siphoning Data Through a Huge Security Hole in the Internet

After recent online survailance revelations and Internet security concerns, now it turns out that someone mysteriously hijacked internet traffic headed to government agencies, corporate offices and other recipients in the U.S. and elsewhere and redirected it to Belarus and Iceland, before sending it on its way to its legitimate destinations. They did so repeatedly over several months according to Wired.

The redirect happened thanks to vulnerability in the so-called Border Gateway Protocol, or BGP, that two security researchers demonstrated at the DefCon hacker conference in 2008. The BGP attack, a version of the classic man-in- the-middle exploit, allows hijackers to fool other routers into re-directing data to a system they control. When they finally send it to its correct destination, neither the sender nor recipient is aware that their data has been redirected to third parties.

It's still not clear who is behind the hijacks. Although systems in Belarus and Iceland initiated the hijacks, it's possible that those systems were hijacked by a third party that simply used them as a proxy for the attacks.

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules