https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years
A critical error in MasterCard’s domain name system (DNS) configuration went unnoticed for nearly five years. This misconfiguration could have allowed attackers to intercept or divert internet traffic for a portion of the mastercard.com network.
The issue stemmed from a typo in one of the five DNS server names MasterCard uses at Akamai, a major internet infrastructure provider. These servers translate website names into numeric addresses for computers. Instead of ending in “akam.net” like the others, this particular server was named “akam.ne.”
Philippe Caturegli, a security researcher, discovered the typo and registered the corresponding domain “akam.ne” for $300 to prevent malicious actors from exploiting it. Caturegli observed hundreds of thousands of DNS requests hitting his server daily, indicating others might have made similar typos.
Had Caturegli set up malicious services on “akam.ne,” he could have intercepted emails or even obtained website encryption certificates for affected domains. However, he responsibly reported the issue directly to MasterCard.
MasterCard downplayed the security risks, claiming there was “not a risk to our systems.” Caturegli disputed this, highlighting the potential for attackers to leverage public DNS resolvers and long-lasting cached data to reroute a significant portion of traffic.
The incident underscores the importance of robust DNS configurations and responsible vulnerability disclosure practices. MasterCard has since corrected the error, but the episode raises concerns about potential security weaknesses in critical infrastructure.
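The typo described above, one nameserver name ending in “akam.ne” while the others end in “akam.net,” can be caught by comparing the parent domains inside a zone's NS set. The Python check below is an added example, not code from the article, MasterCard or Akamai; the hostnames in it are constructed, and treating the last two labels of a name as its parent domain is a simplifying assumption.

```python
from collections import Counter

def parent_domain(host: str, labels: int = 2) -> str:
    """Last `labels` labels of a hostname, lower-cased, trailing dot removed.
    Assumption: two labels are enough (no public-suffix-list lookup)."""
    return ".".join(host.rstrip(".").lower().split(".")[-labels:])

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, row-by-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def audit_ns_set(ns_hosts, max_typo_distance: int = 2):
    """Flag nameservers whose parent domain differs from the dominant one.
    A small edit distance to the dominant parent suggests a typo rather
    than a deliberate second DNS provider."""
    if not ns_hosts:
        return []
    parents = Counter(parent_domain(h) for h in ns_hosts)
    expected = parents.most_common(1)[0][0]
    findings = []
    for host in ns_hosts:
        parent = parent_domain(host)
        if parent != expected:
            dist = edit_distance(parent, expected)
            findings.append({"host": host, "parent": parent,
                             "expected": expected, "distance": dist,
                             "likely_typo": dist <= max_typo_distance})
    return findings

# Constructed NS set: five names, one with the truncated parent domain.
SAMPLE_NS = ["ns-a.akam.net.", "ns-b.akam.net.", "ns-c.akam.net.",
             "ns-d.akam.net.", "ns-e.akam.ne."]

if __name__ == "__main__":
    for finding in audit_ns_set(SAMPLE_NS):
        print(finding)
```

The input list can be filled from the output of `dig +short NS <zone>` for each zone you operate; any finding marked `likely_typo` deserves a check of who holds the registration of the flagged parent domain.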