"With KeyTrap, an attacker could completely disable large parts of the worldwide Internet" — this deceptively simple cyberattack could spell doom for apps everywhere

News
By published

A DoS attack at the DNS level could render apps useless for hours

web hosting
(Image credit: Shutterstock / imaginajib)

Security researchers have discovered a major flaw in the DNS system that could “completely disable" large parts of the worldwide Internet for extended periods of time.

Cybersecurity researchers from the National Research Center for Applied Cybersecurity ATHENE, Goethe University Frankfurt, Fraunhofer SIT, and the Technical University of Darmstadt, recently found a flaw in the Domain Name System Security Extension (DNSSEC), a security protocol that adds an additional protection layer to the Domain Name System (DNS).

With DNSSEC, DNS records get a digital signature that confirms they weren’t changed, or forged, in transit.

Fixes available

The flaw, tracked as CVE-2023-50387, was named KeyTrap, and in short - allows threat actors to mount long-lasting denial-of-service (DoS) attacks against various internet applications and programs. "Exploitation of this attack would have severe consequences for any application using the Internet, including unavailability of technologies such as web-browsing, e-mail, and instant messaging," ATHENE said in an advisory. "With KeyTrap, an attacker could completely disable large parts of the worldwide Internet," the researchers warned. 

A patch was already developed and is being deployed at press time.

Akamai’s figures show that almost a third of all internet users are susceptible to KeyTrap, BleepingComputer reported.

The vulnerability, they further explained, was present in DNSSEC for more than two decades, but was never discovered or exploited due to the complexity of the DNSSEC validation requirements. The attacks would result in the denial of service lasting anywhere between a minute and 16 hours.

In early November 2023, the researchers demonstrated their findings to Google and Cloudflare, with whom they’ve been working on mitigations, ever since. Now, Akamai already released mitigations for its DNSi recursive resolvers, and both Google and Cloudflare deployed their patches, as well. 

While having the issue fixed is good news, the researchers stress that in order to be safe from future similar threats, the entire DNSSEC design philosophy should be reevaluated. 

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
An image of network security icons for a network encircling a digital blue earth.
Standing strong against hyper-volumetric DDoS attacks
A VPN runs on a mobile phone placed on a laptop keyboard
Major new online tunneling vulnerability could put millions of devices at risk
Location Data
Cloudflare CDN flaw could expose user location simply by sending an image
Web DDoS attacks see major surge as AI allows more powerful attacks
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall firewalls hit by worrying cyberattack
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Cisco, ASUS, QNAP, and Synology devices hijacked to major botnet
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Latest in News
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
The Meta Quest 3 and controllers on their charging station which is itself on a wooden desk next to a lamp
Forget Android XR, I've got my eyes on Vivo's new Meta Quest 3 competitor as it could be the most important VR headset of 2025
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
An iPhone running iOS 18 on a purple and blue background
iOS 18.4 could launch soon with a major upgrade to your iPhone’s notifications
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
More about security
Code Skull

This dangerous new ransomware is hitting Windows, ARM, ESXi systems
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An iPhone running iOS 18 on a purple and blue background

iOS 18.4 could launch soon with a major upgrade to your iPhone’s notifications
See more latest
Most Popular
An iPhone running iOS 18 on a purple and blue background
iOS 18.4 could launch soon with a major upgrade to your iPhone’s notifications
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
The Meta Quest 3 and controllers on their charging station which is itself on a wooden desk next to a lamp
Forget Android XR, I've got my eyes on Vivo's new Meta Quest 3 competitor as it could be the most important VR headset of 2025
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Klipsch Klipschorn AK7 in a room with lots of dark wood furniture and a bare brick wall
Klipsch just updated two of its most iconic stereo speaker designs, keeping these beautiful retro icons on your most-wanted list
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
A close up of the PlayStation symbol at the top of a PS5 Slim console with a white brick background
Sony has dropped a new PS5 update, improving activities and adding more emoji support
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?