CAPEC-611: BitSquatting

An adversary registers a domain name one bit different than a trusted domain. A BitSquatting attack leverages random errors in memory to direct Internet traffic to adversary-controlled destinations. BitSquatting requires no exploitation or complicated reverse engineering, and is operating system and architecture agnostic. Experimental observations show that BitSquatting popular websites could redirect non-trivial amounts of Internet traffic to a malicious entity.

Medium

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-611 (BitSquatting) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-611: BitSquatting

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Frequently asked questions

What is CAPEC-611?

How does a BitSquatting attack work?

How do you prevent CAPEC-611?

How severe is CAPEC-611?

References

Defend against CAPEC-611

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Related attack patterns

Parent

Can precede

Related

Frequently asked questions

What is CAPEC-611?

How does a BitSquatting attack work?

How do you prevent CAPEC-611?

How severe is CAPEC-611?

References

Defend against CAPEC-611