Attackers with DNS Rebinding change the DNS server settings in your devices, home CPEs, and other network devices. The goal is to get them to use their DNS Resolver vs the one provided by your Operator (or one you select for a DNS security service). The miscreants (bad guys) will use malware, phishing, and other techniques to use your human controlled devices to change the DNS Resolver settings on your internal devices. This can be everything form your CPE (DNS Changer style) to your home control units, to all over devices in the home. This is a persistent attack vector that will resurge every time there is a new generation of “devices in the home” which have not been locked down and secured.
We have a several new exposure/vulnerability details from several authors. These are well-detailed explanations that help you understand the risk.
Much of the risk will be mitigated through the upgrade of software on devices to make it harder for malware to reset the DNS on these devices. We’ll add more detection, mitigation, and remediation details through the lifecycle of this wave of DNS Rebinding Notifications.
DNS Rebinding Articles and Blogs
(2018-06-19) Attacking Private Networks from the Internet with DNS Rebinding – TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home thermostats and more. by Brannon Dorsey
(2007-10-19) Protecting Browsers from DNS Rebinding Attacks (Original Paper)