Robbing a Bank by DNS

Andy Greenberg, Wired:

The traditional model of hacking a bank isn’t so different from the old-fashioned method of robbing one. Thieves get in, get the goods, and get out. But one enterprising group of hackers targeting a Brazilian bank seems to have taken a more comprehensive and devious approach: One weekend afternoon, they rerouted all of the bank’s online customers to perfectly reconstructed fakes of the bank’s properties, where the marks obediently handed over their account information.

Yet another reminder that the infrastructure of the web is old and fragile, but it’s what we’ve got. I remain bewildered that it works as well as it usually does.