Hackers start DNS attacks using 'unknown exploit' researcher says

Hackers are now actively exploiting a critical flaw in the Domain Name System, but they're not using any of the already known exploits, said a researcher who crafted the first attack code to go public.

"We're seeing an entirely new technique," said HD Moore, the creator of the Metasploit penetration-testing framework, who with a hacker identified as "I)ruid" published exploits last week for the vulnerability in the Internet's routing system.

Late yesterday, Moore reported that he had found a compromised DNS server operated by AT&T Inc. when employees at his company, BreakingPoint Systems Inc., realized that they were being shunted to a bogus version of Google.com. Since then, Moore said today, he has heard from others who also reported redirects from hacked DNS servers. "They're saying, We've seen the same thing, so now we're trying to figure out if we're seeing attacks on a wide scale or not."