{"id":5763,"date":"2018-05-30T11:16:29","date_gmt":"2018-05-30T09:16:29","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=5763"},"modified":"2022-06-25T17:08:36","modified_gmt":"2022-06-25T15:08:36","slug":"cloudflare-dns-service-1-1-1-1-hacked-from-china","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/05\/30\/cloudflare-dns-service-1-1-1-1-hacked-from-china\/","title":{"rendered":"CloudFlare DNS service 1.1.1.1 hacked from China … ?"},"content":{"rendered":"

[German<\/a>]A short note\/information for users, who use the DNS service of CloudFlare. The service was (possibly) hacked by China. Here is some information.<\/p>\n

<\/p>\n

DNS service, what do I need it for?<\/h2>\n

\"\"A DNS service is contacted for each action on the Internet (e.g. retrieving an Internet page in the browser). This DNS service converts URLs in the form www.borncity.com into an IP address. Only this IP address enables the browser, the e-mail client, etc. to contact the relevant servers on the Internet.<\/p>\n

The DNS service is the address book of the Internet, which provides the address (similar to street and city) of a name. If you control the DNS service, you can of course determine where Internet requests are redirected to.<\/p>\n

There are various DNS services in use<\/h2>\n

As an ordinary user you don't really care about DNS services. The DSL routers, Windows systems and mobile devices are pre-configured so that a DNS server is known. Internet requests are resolved via this DNS server.<\/p>\n

In most cases, a DNS service of the provider is used. But whenever this DNS service is too slow, fails or cannot be used due to censorship, the some users will configure an alternative DNS service in the router or operating system. There is the Google DNS service under the IP address 8.8.8.8.<\/p>\n

CloudFlare DNS service 1.1.1.1<\/h2>\n

But also CloudFlare offers a DNS service under the IP address 1.1.1.1 (see my blog post Cloudflare launches DNS Service with IP 1.1.1.1<\/a>). Arguments for the offer included speed and above all the provision of privacy. CloudFlare assured to delete the data within 24 hours to ensure privacy.<\/p>\n

\"CloudFlare(Cloudflare DNS address)<\/p>\n

DNS service hijacked?<\/h2>\n

I don't have a lot of information. Jake Williams (@MalwareJake) has posted the following tweet (now deleted, due to the fact, that it wasn't\u00a0Shanghai Telecom).<\/p>\n

\n

CloudFlare's new DNS service at 1.1.1.1 was hijacked by (drum roll please)
\n.
\n.
\n.
\n.
\nChina!
\nI wish I could say I'm surprised. I'm not. While this might be anecdotal bias, I'm not surprised that it's Shanghai Telecom either. https:\/\/t.co\/okPZdjITeh<\/a><\/p>\n

\u2014 Jake Williams (@MalwareJake) 29. Mai 2018<\/p><\/blockquote>\n