Posts Tagged ‘IDN Homograph Attacks’

Chris Weber: The current state of IDN homograph spoofing in 2009

Aside from the frightening SSL stuff, Moxie Marlinspike stirred up some good interest in Internationalized Domain Names at Black Hat in DC with his domain lookalike attack. Since I’ve been studying the topic for a while, I wanted to point out some things about IDN people may want to know. At CanSecWest and SOURCE Boston […]

Chris Weber: Unicode attacks and test cases – Visual Spoofing, IDN homograph attacks, and the Mixed Script Confusables

More on lookalikes, confusables, IDN homograph attacks, and other fun stuff, continued from the previous post.
Mixed-script confusables
These occur when letters from one alphabet or script, are used to give the same visual appearance as letters from a completely different script.  For example, the following words contain a mix of Latin and Cyrillic letters […]

Spoofing possible thanks to particular characters

By the technique, that the homograph-Attack is named, become sites made with a domain name in which not-English characters prevent. An example of this is www.pа In the address beam appeared usual paypal. com, but in reality ends up the internal pus on a site of a swindler. Swindlers can for instance also a known […]

ICANN: IDN Spoofing Concerns

Domain name spoofing works by exploiting the visual resemblance, or near- resemblance, of certain characters and symbols. ICANN is concerned about the potential exacerbation of domain name spoofing as IDNs become more widespread, and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs. ICANN’s public comment […]