SAN FRANCISCO (AP) — A giant vulnerability in the Internet's design is allowing criminals to silently redirect traffic to Web sites under their control. The problem is being fixed, but its extent remains unknown and many people are still at risk.
The gaping security hole enables a scam that targets ordinary people typing in a legitimate Web address. It happens because hackers are now able to manipulate the machines that help computers find Web sites. If the trick is done properly, computer users are unlikely to detect whether they've landed at a legitimate site or an evil double maintained by someone bent on fraud.
Security experts fear an open season for virus attacks and identity-fraud scams.