Detailedlikelihood: Lowseverity: MediumDraft
CAPEC-611BitSquatting
Abstraction
Detailed
Status
Draft
Likelihood
Low
Severity
Medium
Description
An adversary registers a domain name one bit different than a trusted domain. A BitSquatting attack leverages random errors in memory to direct Internet traffic to adversary-controlled destinations. BitSquatting requires no exploitation or complicated reverse engineering, and is operating system and architecture agnostic. Experimental observations show that BitSquatting popular websites could redirect non-trivial amounts of Internet traffic to a malicious entity.
Related attack patterns· 3
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.