About underminr

What's the purpose of this site?

The primary aim of this site is to act as a central information hub about the Underminr vulnerability for cyber defenders and security researchers. It is put together and maintained by defenders who believe the integrity of the Domain Name System (DNS) should be protected as a foundational element of security for the people and systems that connect to the internet.

History of the Vulnerability

The Underminr vulnerability was exposed by ADAMnetworks in the course of their daily operations, in which they enable cyber defenders with Preemptive Security through their Zero Trust Connectivity technologies. They teamed up with multiple industry partners for responsible disclosure and collaboration to mitigate potential threats caused by this vulnerability. The aim of this collaboration is to help defenders around the world protect against circumvention of internet-facing defense systems before mass exploitation can occur.

Frequently Asked Questions

Q. Can the Underminr vulnerability be used for phishing and credential theft?

Yes. Although it does not facilitate direct redirection of legitimate web services to phishing sites, Underminr techniques can be used in any attack whose chain requires circumvention of defenses.

Q. Is this similar to Domain Fronting and why do CDNs allow this vulnerability to exist?

Yes. Although Domain Fronting has been mostly neutralized since 2018 by most Content Delivery Networks (CDNs), the techniques used with Underminr allow for circumvention outcomes very similar to legacy Domain Fronting.

Q. How do I know if my domain is vulnerable?

You can use the Have I Been Undermined tool hosted on https://underminr.ai to check if your domain could be abused or if any field reports associate your domain with reported exploitation activities.