Thailand’s largest cell network AIS has pulled a database offline that was spilling billions of real-time internet records on millions of Thai internet users.
Security researcher Justin Paine said in a blog post that he found the database, containing DNS queries and Netflow data, on the internet without a password. With access to this database, Paine said that anyone could “quickly paint a picture” about what an internet user (or their household) does in real-time.
Paine alerted AIS to the open database on May 13. But after not hearing back for a week, Paine reported the apparent security lapse to Thailand’s national computer emergency response team, known as ThaiCERT, which contacted AIS about the open database.
The database was inaccessible a short time later.
It’s not known who owns the database. Paine told TechCrunch that the kind of records found in the database can only come from someone who’s able to monitor internet traffic as it flows across the network. But there is no easy way to differentiate between if the database belongs to the internet provider — or one of its subsidiaries — or a large enterprise customer on AIS’ network. AIS spokespeople did not respond to our emails requesting comment.
DNS queries are a normal side-effect of using the internet. Every time you visit a website, the browser converts a web address into an IP address, which tells the browser where the web page lives on the internet. Although DNS queries don’t carry private messages, emails, or sensitive data like passwords, they can identify which websites you access and which apps you use.
But that could be a major problem for high-risk individuals, like jou ..
Support the originator by clicking the read the rest link below.
