
Anime video-on-demand site Crunchyroll hacked to deliver malware - btown
https://bartblaze.blogspot.com/2017/11/crunchyroll-hack-delivers-malware.html
======
krylon
During my training, I spent about three months helping with a BIND4 to BIND9
migration. As the migration was the result of a security audit, security
obviously must have been a top priority, or else they would not have let a
trainee do it. ;-)

But I had plenty of time to learn much about DNS security and all (okay: some
of) the ways it can be subverted. (A year later I met a member of the team
where I had done this, and he told me he still keeps a copy of the report I
had written on his desk as a reference. That made me very happy.)

Since then, I did not have much contact with DNS, except that I have run my
own DNS resolver ever since. But I forgot most of what I had learned.

So, I kind of wonder, has the state of DNS security improved in the last 13
years? I remember DNSSEC was not widely deployed back then, and that it was
kind of pointless, because none of the clients could be bothered to check
DNSSEC signatures. I imagine it it is now more widely deployed, and I suspect
clients still do not give a ____ about DNSSEC. Have I missed something?

Since the DNS protocol itself has nothing in terms of security, privacy,
authentication, and given that previous versions of BIND (I do not know about
the current ones) had bugs crawling all over them, I have wondered a couple of
times, why this is not used more commonly as an attack vector. Or is it?

Can someone recommend a resource for learning about this?

------
btown
For more detail, there is a discussion thread here:

[https://www.reddit.com/r/anime/comments/7aq2s7/psa_dont_ente...](https://www.reddit.com/r/anime/comments/7aq2s7/psa_dont_enter_crunchyrollcom_at_the_moment_it/)

Contrary to OP's post, there are unconfirmed reports that this is indeed
ransomware and that multiple users were affected.

------
DrScump
Earlier today, 32+ points

[https://news.ycombinator.com/item?id=15624939](https://news.ycombinator.com/item?id=15624939)

