Bitsquatting
Bitsquatting relies on single flipped bits in the ASCII representation of a domain name's characters. Hardware memory errors can cause browsers to request these altered domains.
How It Works
Bitsquatting exploits random bit-flip errors that occur in computer memory (RAM). When a domain name is stored in memory, cosmic rays or hardware faults can flip a single bit, changing one character to another. For example, the ASCII code for "e" (01100101) with one bit flipped could become "d" (01100100) or "g" (01100111). This happens silently and the user never notices.
Real-World Examples
- Researchers at Black Hat 2011 demonstrated receiving real traffic on bitsquatted domains
- goohle.com (bit-flip of "g" to "h" in google)
- mic2osoft.com (bit-flip of "r" to "2")
Prevention Tips
- Register bit-flip variants of your most critical domains.
- Use ECC (Error-Correcting Code) RAM on your servers so that single-bit memory errors are detected and corrected.
- While rare, bitsquatting traffic is real and measurable — treat it as a genuine threat vector.
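
One way to enumerate the variants the first tip asks you to register or monitor, as an added example (not code from the original page): it flips each bit of each character and keeps only results that are still valid hostname characters. The function names are hypothetical, and it assumes the leftmost label is the registrable one.

```python
import string

# Letters, digits, hyphen: the characters a DNS hostname label may contain.
LDH = set(string.ascii_lowercase + string.digits + "-")

def flip_char(ch):
    """Return the hostname characters exactly one bit away from `ch`."""
    out = set()
    for bit in range(8):                       # every bit of the stored byte
        c = chr(ord(ch) ^ (1 << bit)).lower()  # DNS names are case-insensitive
        if c in LDH and c != ch:
            out.add(c)
    return out

def bitflip_variants(domain):
    """Single-bit-flip variants of the leftmost label of `domain`.

    Assumption: the leftmost label is the registrable one (e.g. 'microsoft'
    in 'microsoft.com'); everything after the first dot is kept unchanged.
    """
    label, sep, suffix = domain.lower().partition(".")
    variants = set()
    for i, ch in enumerate(label):
        for c in flip_char(ch):
            new = label[:i] + c + label[i + 1:]
            # A label may not start or end with a hyphen.
            if not (new.startswith("-") or new.endswith("-")):
                variants.add(new + sep + suffix)
    return sorted(variants)

def is_bitflip_of(candidate, domain):
    """True if `candidate` is one flipped bit away from `domain`."""
    return candidate.lower() in bitflip_variants(domain)

if __name__ == "__main__":
    names = bitflip_variants("microsoft.com")
    print(len(names), "variants to check against registrations and DNS logs")
    for name in names:
        print(name)
```

`is_bitflip_of` can be run over newly observed or newly registered domains to flag names that sit one bit away from a domain you own.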