Microsoft Subdomains Hijacked Even After Repeated Warning Bells!

Microsoft subdomains have now been hijacked. Despite an earlier warning about the vulnerability in its subdomains, the company paid no heed, leaving nearly 670 subdomains at risk of being hijacked. Such domains can be used by hackers to spam or scam millions of users as well as company employees.


Around two weeks ago, we reported on the vulnerability in hundreds of subdomains belonging to Microsoft Corporation (NASDAQ:MSFT). Citing the researchers' claims, we also explained how these Microsoft subdomains could be hijacked and used for attacks against the company's own employees and users, or to serve them spammy content. However, Microsoft did not seem to pay much heed to the issue at the time.

Now, it has been reported that the same set of vulnerable Microsoft subdomains has been hijacked by researchers from Vulnerability, who hold the company accountable for poor DNS practices.


The ten Microsoft subdomains hijacked by the Vulnerability security researchers include mybrowser.microsoft.com and identityhelp.microsoft.com. The number of Microsoft subdomains currently at risk of being taken over is reported to be well over 670.

The hijacked domains were reported to Microsoft by Numan Ozdemir and Ozan Agdepe of Vulnerability's exploit and vulnerability alert service. The team reportedly hunted for subdomains that were not linked to a website. Because Microsoft hosts them on Azure, it was trivial for the team to see where a particular subdomain was supposed to point: for example, mybrowser.microsoft.com could be linked to browserver.azurewebsites.net.

Vulnerability also found that in many cases, when Microsoft stopped using a particular subdomain, its DNS record was left in place. In such cases, all a hijacker needs is an Azure account with which to claim browserver.azurewebsites.net; that allows the hijacker to host whatever he or she pleases, such as fake Microsoft phishing pages to collect employees' usernames and passwords.
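One defender-side check for the dangling-record condition described above, written as an added example that is not from the article or the researchers: it parses a zone-file style CNAME export, flags targets that no longer resolve, and ranks those on a claimable hosting suffix highest. The zone lines, the example.com names and the live-target set are constructed; dns_resolves is the real-resolver path for use against an actual estate.

```python
import re
import socket

# Suffixes where a released resource name can be re-claimed by any account holder;
# azurewebsites.net is the one the article names. Extend for your estate (assumption).
TAKEOVER_PRONE_SUFFIXES = ("azurewebsites.net",)
# Matches "name [ttl] IN CNAME target" lines from a zone-file style export.
CNAME_LINE = re.compile(r"^(\S+)\s+(?:\d+\s+)?IN\s+CNAME\s+(\S+)$")

def parse_cname_records(zone_text):
    """Extract subdomain -> CNAME target pairs, dropping trailing dots."""
    records = {}
    for line in zone_text.splitlines():
        m = CNAME_LINE.match(line.strip())
        if m:
            records[m.group(1).rstrip(".")] = m.group(2).rstrip(".")
    return records

def dns_resolves(host):
    """Live check with the system resolver: a dangling target raises gaierror."""
    try:
        socket.gethostbyname(host)
        return True
    except socket.gaierror:
        return False

def find_dangling(records, resolves=dns_resolves):
    """Flag CNAMEs whose target no longer resolves; claimable targets rank 'high'.
    The resolver is injectable so the audit can run offline against known state."""
    findings = []
    for name, target in records.items():
        if resolves(target):
            continue
        claimable = any(target == s or target.endswith("." + s)
                        for s in TAKEOVER_PRONE_SUFFIXES)
        findings.append({"name": name, "target": target,
                         "risk": "high" if claimable else "review"})
    return sorted(findings, key=lambda f: (f["risk"] != "high", f["name"]))

# Constructed sample export for an example zone (not real Microsoft DNS data).
SAMPLE_ZONE = """\
mybrowser.example.com.    3600 IN CNAME browserver.azurewebsites.net.
identityhelp.example.com. 3600 IN CNAME idhelp-prod.azurewebsites.net.
www.example.com.          3600 IN CNAME www-live.azurewebsites.net.
legacy.example.com.       3600 IN CNAME old-host.partner-cdn.example.
"""
# Constructed resolver state: only this target still has a live record.
LIVE_TARGETS = {"www-live.azurewebsites.net"}
def audit_sample():
    return find_dangling(parse_cname_records(SAMPLE_ZONE), lambda t: t in LIVE_TARGETS)
```

Records ranked "high" are the ones to delete from DNS (or re-claim yourself) first; "review" entries point at providers not yet in the suffix list and need a manual look.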

The Vulnerability researchers said the whole process is dead simple and requires very little technical skill on the hijacker's part to do a significant amount of harm. They also said a successful hijack could easily be carried out within 5 to 50 minutes.

Ozdemir and Agdepe of the Vulnerability security research team said they had ethically reported those critically vulnerable subdomains to Microsoft before malicious attackers could exploit them.


In the video below, they demonstrate how theft of account passwords and cookies is one of the major risks of a subdomain takeover.

Microsoft Repeatedly Ignoring Warning Bells?

As mentioned previously, it is high time Microsoft took notice of this problem. It is easier for the company to fix it now, while the alarms are still going off, than after the situation has worsened; yet the company doesn't seem to believe in taking precautions.

This time, the Vulnerability researchers have reported only 10 of the insecure subdomains to Microsoft, leaving out the 660+ other vulnerable ones. They took this decision to pressure Microsoft into offering researchers bounties for finding such subdomain takeover vulnerabilities. As of now, Microsoft's bug bounty program still does not cover subdomain takeovers.
