Here’s a scary idea that popped up in the evil back-parts of my ever-worrying brain: what if you combine Cross Site Scripting (XSS), the google-analytics.com domain and the recently discovered DNS Cache Poisoning attack?
Just about every website I visit on a daily basis uses Google-Analytics, which works by loading an external javascript file (located at http://www.google-analytics.com/ga.js) and starting the script on your webpage.
Now imagine someone succeeds in making your DNS server think that the domain “google-analytics.com” doesn’t point to Google’s servers, but to a malicious website? You could put anything in that javascript-file that is included. From basic cookie-stealing to evilness hidden in CGI-scripts.
That one domain could probably wreck more havoc over the internet than any other…