Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet

Stephane Bortzmeyer bortzmeyer at nic.fr
Fri Dec 6 19:57:39 UTC 2013


On Fri, Dec 06, 2013 at 01:05:54PM -0500,
 Jared Mauch <jared at puck.nether.net> wrote 
 a message of 36 lines which said:

> I've detected 11.6 million of these events since 2008 just looking at the
> route-views data.  Most recently the past two days 701 has done a large MITM of
> traffic.

The big novelty in the Renesys paper is the proof (with traceroute)
that there was a return path, something which did not exist in the
famous Pakistan Telecom case, or in most (all?) other BGP
hijackings. This return path allows the attacker to really get access
to the data with little chance of the victim noticing. That's
something new.



