GSD-2022-1004950

Source
https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1004xxx/GSD-2022-1004950.json
Published
2022-08-01T16:34:28.222568Z
Modified
2022-08-01T16:34:28.222568Z
Details

The eth.link domain name was taken over by a new, unknown, entity on 2022-07-31 ("eth.link has expired. Was this your domain name and would like to renew it? Click here to login to your Uniregistry.com account eth.link"). The domain currently shows a parked "for sale" page, but an attacker that buys it (or the current owner) could easily serve DNS queries for the domain and subdomains (of which there were many). All client software and existing links pointing at eth.link or subdomains can be attacked via spoofing and impersonation of web sites with valid certificates/etc resulting in easy social engineering.

References

Affected packages

GSD / eth.link domain name

eth.link domain name

Affected ranges

Affected versions

Other

2022-07-31 and later