MasterCard recently fixed a major DNS error that left them vulnerable to traffic interception and redirection for nearly five years. A security researcher discovered a mistyped domain name, akam.ne, and decided to secure it himself for $300, preventing potential exploitation. MasterCard uses shared DNS servers that ended in “akam.ne,” rather than the correct “akam.net.” Other organizations had made similar mistakes, but MasterCard was the most prominent. The researcher received positive recognition for his ethical actions, despite MasterCard’s attempt to prevent disclosure. The incident highlights the importance of proper cybersecurity measures and the potential risks associated with DNS configuration errors.
https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/