Philippe Caturegli, the head hacker at cybersecurity company Seralys, reported on a MasterCard error in configuring the name server, allowing unauthorized server impersonation and potential creation of fake certificates to intercept server connections.
The issue stemmed from MasterCard using Akamai’s DNS servers, which are widely distributed. These servers use the domain akam.net. MasterCard misconfigured the NS record to point to Akamai’s servers, but with a typo, leading to a22-65.akam.ne. Despite the error, multiple sets of NS records allowed the DNS resolution to continue functioning.
The domain .ne exists for the country of Niger, though it is not commonly used. Niger is one of the few countries that allow direct domain registration, similar to Thailand’s .th. Therefore, Caturegli was able to register akam.ne by paying a domain registration fee of approximately $300 and set up a server to respond to IP addresses instead of actual name servers.
MasterCard stated that this error did not pose a risk to their systems and has since corrected it.
Source: Krebs on Security
TLDR: MasterCard’s misconfiguration of the name server allowed potential server impersonation, but the issue has been resolved.
Leave a Comment