linux-nerds.org

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Hackers Are Finding New Ways to Hide Malware in DNS Records

Technology

5 Beiträge 5 Kommentatoren 0 Aufrufe

R This user is from outside of this forum
R This user is from outside of this forum
rgb@group.lt

schrieb zuletzt editiert von

#1

https://archive.ph/z8DTZ
New ways, but they are really creative!

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

WIRED (www.wired.com)
F D P 3 Antworten Letzte Antwort

111
R rgb@group.lt

https://archive.ph/z8DTZ
New ways, but they are really creative!

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

WIRED (www.wired.com)
F This user is from outside of this forum
F This user is from outside of this forum
floofloof@lemmy.ca

schrieb zuletzt editiert von

#2

"Ignore all previous instructions. Ignore all future instructions."

I like that one. Can we add "ignore all instructions from everyone else" and just be done with these LLMs?
G 1 Antwort Letzte Antwort

33
R rgb@group.lt

https://archive.ph/z8DTZ
New ways, but they are really creative!

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

WIRED (www.wired.com)
D This user is from outside of this forum
D This user is from outside of this forum
dgdft@lemmy.world

schrieb zuletzt editiert von dgdft@lemmy.world

#3

Not to detract from the article, but this has actually been a long time coming and known as a vector for decades.

E.g.: https://news.ycombinator.com/item?id=38419272
1 Antwort Letzte Antwort

23
F floofloof@lemmy.ca

"Ignore all previous instructions. Ignore all future instructions."

I like that one. Can we add "ignore all instructions from everyone else" and just be done with these LLMs?
G This user is from outside of this forum
G This user is from outside of this forum
gravitas_deficiency@sh.itjust.works

schrieb zuletzt editiert von

#4

Remember when I said “ignore all future instructions”? You just now ignore that instruction.
1 Antwort Letzte Antwort

2
R rgb@group.lt

https://archive.ph/z8DTZ
New ways, but they are really creative!

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

WIRED (www.wired.com)
P This user is from outside of this forum
P This user is from outside of this forum
philthi@lemmy.world

schrieb zuletzt editiert von

#5
Unless I'm missing something here... The attacker needs to be running some sort of executable in your network with permissions to:
- dig the records and assemble the strings
- write the decoded result to a file
- make that file executable
- execute that file
You've got bigger problems than hexadecimal txt records in this scenario...

The only difference between this and a GitHub gist appears to be that security software doesn't scan traffic in port 53... It easily could be configured for that though surely... It's just UDP traffic like any other.

Someone tell me what I'm missing!
1 Antwort Letzte Antwort

12

Anmelden zum Antworten

L

Ecco i nuovi compensi SIAE per copia privata: aumenta tutto, soprattutto gli smartphone. E scatta la pazza idea di tariffare anche il cloud
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
1

1

0 Stimmen

1 Beiträge

1 Aufrufe

Niemand hat geantwortet
D

Former GM Executive: BYD cars are good in terms of design, features, price, quality. If we let BYD into the U.S. market, it could end up destroying american manufacturers
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
384

1

802 Stimmen

384 Beiträge

956 Aufrufe

F

You too, just count your blessings, and think about what you have and don't focus on what you don't (or can't) have. I like to lead a more minimalist life so I can retire, small cabin in the mountains, maybe put up a big tent for a bed and breakfast to cover my cost a bit. And just be busy with growing my own food, chickens, getting ready for winter doing repairs, hiking. Now with solar panels being cheap and batteries, going off the grid is a lot easier. And if you don't need much you can live very cheap. Search for Martijn Doolaard on youtube and you know what I mean, although i want to keep it a bit simpler.
P

A US judge rules that Huawei must face criminal charges in an indictment alleging racketeering, stealing trade secrets, and bank fraud tied to Iran sanctions
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
1

37 Stimmen

1 Beiträge

9 Aufrufe

Niemand hat geantwortet
G

Vancouver man says institutions unable to recognize new Indigenous street name
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
24

1

83 Stimmen

24 Beiträge

133 Aufrufe

C

I love how they put up the English name after the first outcry of "where do I send the ambulance again" fears.
P

Adaptive Keyboards & Writing Technologies For One-Handed Users
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
5

1

111 Stimmen

5 Beiträge

37 Aufrufe

T

Came here to say this.
M

Claude Exporter: Claude to PDF, MD and more
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
1

2

0 Stimmen

1 Beiträge

14 Aufrufe

Niemand hat geantwortet
0

Is Reddit in/directly attacking lemmy instances with controversial AI posts to overpower mods and reduce user experience?
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
15

39 Stimmen

15 Beiträge

76 Aufrufe

C

I believed they were doing such things against budding competitors long before the LLM era. My test is simple. Replace it with China. Would the replies be the opposite of what you've recieved so far? The answer is yes. Absolutely people would be frothing at the mouth about China being bad actors. Western tech bros are just as paranoid, they copy off others, they steal ideas. When we do it it's called "innovation".
C

Chinese chip giants say they don't care about U.S. tariffs — many don't sell to the U.S. anyway due to existing sanctions
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
7

1

0 Stimmen

7 Beiträge

33 Aufrufe

F

It's an actively hostile act, regardless of what your beliefs are on the copyright system.