Jump to content
livebox

Spammers Hacked Microsoft Subdomains and Post Ads

Recommended Posts

 

Security researcher and developer at NIC.gp. Michel Gaschet found at Microsoft serious problems managing thousands of his subdomains. According to him, the company's subdomains can be easily hacked by attackers and used in attacks on both its users and employees.

Over the past three years, Gasket has repeatedly reported to Microsoft about subdomains with incorrect DNS record configurations, but the company either ignored its messages or “silently” fixed bugs, but not all of them. So, in 2017, the researcher notified of 21 vulnerable subdomains of msn.com, and in 2019, another 142 subdomains of microsoft.com. According to Gasket, the company corrected the configuration of no more than 5-10% of the subdomains that he reported.

Until recently, vulnerable subdomains did not cause Microsoft any concern. However, now everything seems to have changed. The researcher identified at least one cybercriminal group hacking Microsoft subdomains in order to publish spam on them. On at least four subdomains, Basket found ads from Indonesian online casinos (portal.ds.microsoft.com, perfect10.microsoft.com, ies.global.microsoft.com, and blog-ambassadors.microsoft.com).

According to the researcher, Microsoft is in no hurry to fix vulnerabilities on its subdomains, since this is not included in the reward payment program for detected vulnerabilities. The problem of hacking subdomains is not part of bug bounty and therefore is not a priority.

 

 

Source: https://www.securitylab.ru/news/505182.php

  • Upvote 2
Link to post
Share on other sites
  • Active Members

Am vazut si eu stirea asta pe Twitter undeva. Nu inteleg de ce o companie gigant cum e Microsoft a inclus o vulnerabilitate de tipul asta ca fiind out of scope.

De exemplu Starbucks plateste $2,000 pentru subdomain takeover.  

Edited by 0xStrait
Link to post
Share on other sites

Da, insa conteaza foarte multe numele acelor subdomenii. Nu ar trebui sa fie out of scope, insa payout-ul ar trebui sa fie in functie de numele subdomeniului si riscul pe care il aduce. 

  • Upvote 2
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...