The DNS vulnerability in the Internet's design is allowing criminals to silently redirect traffic to Web sites under their control. The problem is being fixed, but its extent remains unknown and many people are still at risk.

The bug's existence was revealed nearly a month ago. Since then, criminals have pulled off at least one successful attack, directing some AT&T Inc. Internet customers in Texas to a fake Google site. The phony page was accompanied by three programs that automatically clicked on ads, with the profits for those clicks flowing back to the hackers.

There are likely worse scams happening that haven't been discovered or publicly disclosed by Internet service providers. "You can bet that the (Internet providers) are going to stay tightlipped about any attacks on their networks," said HD Moore, a security researcher.

The AT&T attack probably would have stayed quiet had it not affected the Internet service of Austin, Texas-based BreakingPoint Systems Inc., which makes machines for testing networking equipment and has Moore as its labs director. He disclosed the incident in hopes it would help uncover more breaches.

The underlying flaw is in the Domain Name System (DNS), a network of millions of servers that translate words typed into Web browsers into numerical codes that computers can understand.

What this means is that a computer user in say, San Francisco, might type http://www.yahoo.com and head straight to the real Yahoo site, while at the same moment, a user in New York — whose traffic is routed through different DNS servers — might type that same Web address and end up on a phony duplicate site.

Looking for secure dns services? SOADNS.com