https://twitter.com/QuillAudits/status/1526116255757139968?s=20&t=5RdlOq-Y2lF9JMCnT7SEBQ

The What, How, and Why of domain hijacking || The @GoDaddy Hack 

GoDaddy, the world’s biggest domain registrar has been hacked.

Here’s how a domain is hijacked, and other types of DNS attacks.

🧵

1. How

#Domainhijacking covers various tactics to illegally transfer ownership from its legal owner to someone else.

How a #Domain is Hijacked?

The most common method is by changing the admin’s handle information via social engineering or getting access to admin's email account.


The admin’s contact email address can be found in the public records via the WHOIS record for the domain.

Once the hacker gets access to the email address, they’re just an email away from taking over the target domain.

Well, it’s that easy, isn’t it?

2. Why?

#Hackers can have different motives while doing so. They can be motivated by monetary gains, any malicious intent, or hacktivism.

Other Types of DNS Attacks that You Should Know

Apart from #domainhijacking, there are several other critical #DNS attacks such as:

午後5:26 · 2022年5月16日·Twitter Web App

3. Other DNS attacks:

4. ⦾Typosquatting

Also called URL #hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking.

It relies on mistakes such as typos made by Internet users when inputting a website address into a web browser.

#cryptonews | #godaddy

画像 午後5:26 · 2022年5月16日·Twitter

5. ⦾Cache poisoning

Cache poisoning refers to a computer security vulnerability where invalid entries can be placed into a cache, which is then assumed to be valid when later used.

Two common varieties are #DNS cache poisoning and ARP cache poisoning.

午後5:26 · 2022年5月16日·

6. ⦾DDoS

DDoS, or distributed denial of service, is a type of cyberattack that tries to make a website or network resource unavailable by flooding it with malicious traffic so that it is unable to operate.

#cryptonews | #godaddy | #domainhijacking

午後5:26 · 2022年5月16日

7. ⦾DNS amplification attacks

#DNS amplification is a DDoS attack in which the attacker exploits vulnerabilities in domain name system (DNS) servers.

The attacker does so to turn initially small queries into larger payloads, which are used to bring down the victim’s servers.

画像 午後5:26 · 2022年5月16日


CategoryDns CategoryWatch CategoryTemplate

MoinQ: DNS/Domain hijacking/Godaddy/QuillAudits (last edited 2022-05-16 23:56:48 by ToshinoriMaeno)