Turkish ISPs Set Up Fake Google DNS Servers

Google has confirmed its Domain Name System (DNS) service has been intercepted by internet providers in Turkey, amidst increasing censorship in the country.

DNS servers act as Internet phone books, translating web addresses such as techweekeurope.com into IP addresses like 178.32.54.141. The action taken by Turkish ISPs, where they have set up fake Google DNS servers, could allow them to serve users with fake websites, which could either be malicious or simply convey misleading information.

Google DNS and Turkish censorship

“Google operates DNS servers because we believe that you should be able to quickly and securely make your way to whatever host you’re looking for, be it YouTube, Twitter, or any other,” said Steven Carstensen, a Google software engineer, in a blog post on Saturday 29 March.

“But imagine if someone had changed out your phone book with another one, which looks pretty much the same as before, except that the listings for a few people showed the wrong phone number. That’s essentially what’s happened: Turkish ISPs have set up servers that masquerade as Google’s DNS service.”

Google had already seen its YouTube property blocked in Turkey last week, after reports indicated the site was hosting a video of a meeting of security officials discussing possible military action in Syria.

Micro-blogging service Twitter was also blocked the previous week. Turkish Prime Minister Recep Tayyip Erdogan claimed false rumours of a corruption scandal involving high-ranking government officials were being spread across Twitter just days ahead of an election, which took place on 30 March. A Turkish court overturned the Twitter ban last week.

Erdogan has claimed victory in the election, promising to make his political enemies pay for accusing him of corruption and leaked state secrets.

The Electronic Frontier Foundation (EFF) has urged users in Turkey to run the Tor Browser to avoid any censorship efforts. The Tor Project’s website was blocked, but a host of mirror sites still allowed for downloads.

But it had a warning over the potential dissemination of fake, malicious versions of the Tor Browser. “When the official distribution channel for a security or censorship circumvention tool is blocked, there is a very real danger of fake or backdoored copies of the tool being distributed under the guise of real tools,” the EFF said.

“Be sure to download your tools only from websites using HTTPS, and only from trusted sources such as the sites on this list. Beware of software which is distributed via IM, Skype message, or email, as well as links posted to Facebook groups.

Are you a security pro? Try our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

18 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

19 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

19 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

21 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

24 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

1 day ago