Protect Yourself Against DNS Hijacking https://www.ipburger.com/blog/protect-yourself-against-dns-hijacking
https://www.paloaltonetworks.com/cyberpedia/what-is-dns-hijacking What Is DNS Hijacking? DNS hijacking has been used to take over the web domain of The New York Times. What is it, and how does it work?
When a group of hackers known as the Syrian Electronic Army took over the web domain of The New York Times in 2013, the website became unavailable.
https://arstechnica.com/information-technology/2019/04/state-sponsored-domain-hijacking-op-targets-40-organizations-in-13-countries/ The wave of domain hijackings besetting the Internet is worse than we thought Despite widespread attention since January, DNS campaign shows no signs of abating.
Dan Goodin - 4/18/2019, 12:00 AM
What Are DNS Hijacking Attacks and How to Stop Them? April 27, 2019 ANGEL DAVITKOV
How do hackers break DNS?
If a domain name is to work, it needs to have its DNS settings properly configured. The DNS settings are, in essence, a collection of records that serve different purposes. The so-called “A record”, for example, contains the IP address of the server on which the website’s files are located, and the “MX record” stores information on the resources responsible for the email exchange on the domain.
Typically, only the domain’s owner (also known as a registrant) has access to these settings through an administration panel that is served by the organization selling the domain (often, this is the so-called registrar).
Sometimes, however, cybercriminals manage to get access to the DNS settings, and when they do, they can modify all the records and perform a variety of malicious activities.
They can, for example, change the A records and point the domain to a server that they control. This way, every person that tries to visit the targeted website ends up on the crooks’ server where they could be served malware or unwanted ads. If criminals set up a convincing-looking phishing page on the malicious server, they can easily harvest login credentials, and chances are, users would be none the wiser because the URL they see in the address bar would be the correct one. These are just some of the opportunities DNS hijacking offers.
DNS is the backbone of the modern Internet
PayPal, Netflix, Gmail, and Uber Users among Targets in New Wave of DNS Hijacking Attacks
By Mihai Vasilescu on April 20, 2019
Attackers restarting DNS hijacking campaign against consumer-grade routers after a short, 2-day break
Some of the consumer-grade routers targeted:
D-Link DSL Routers DSLink 260E ARG-W4 ADSL Router Secutech Routers TOTOLINK Routers
which domain names were targeted by the attackers *.com.br, gov.br など
Internet-based global enterprises:
- google.com, netflix.com, papal.com, gmail.com, uber.com
1.6. Frederica Cade's Blog