From Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains

Matt Hamilton

on Mar 4, 2020 8:35:55 AM

ADVISORY SUMMARY

Security researcher Matt Hamilton (a Bishop Fox alumnus, now with Soluble) published a new security advisory about homograph domain names on gTLDs (.com, .net, etc) as well as subdomains within some SaaS companies using homoglyph characters. The attack is similar to an IDN Homograph attack and presents all the same risks. An attacker could register a domain or subdomain which appears visually identical to its legitimate counterpart and perform social-engineering or insider attacks against an organization.

Hamilton announced that between 2017 and today, more than a dozen homograph domains have had active HTTPS certificates. This included prominent financial, internet shopping, technology, and other Fortune 100 sites.

In a partnership between Soluble and Bishop Fox, Verisign and SaaS services (Google, Amazon, Wasabi, DigitalOcean) were notified of the vulnerability and have received continuous updates on the ongoing research. The full disclosure timeline and technical details are available here.

Technical details are available here.

Keywords

IDN Homograph attack

From Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains

ADVISORY SUMMARY

Technical details are available here.

Keywords

Related Content

CONSULTING SERVICES

CONSULTING SERVICES

PARTNER PROGRAMS

LABS | RESEARCH & RESOURCES

CAREERS

COMPANY

COMMUNITY

CONTACT

ADDRESS

From Emoji to Zero-Day: Latin Homoglyphs in Domains and Subdomains

ADVISORY SUMMARY

SHARE

Technical details are available here.

Keywords

Related Content

FIND OUT FIRST

CONSULTING SERVICES

CONSULTING SERVICES

PARTNER PROGRAMS

LABS | RESEARCH & RESOURCES

CAREERS

COMPANY

COMMUNITY

CONTACT

ADDRESS