Attack Scenario

Your company starts using a new service, eg an external Support Ticketing-service.

Your company points a subdomain to the Support Ticketing-service, eg support.your-domain.com

Your company stops using this service but does not remove the subdomain redirection pointing to the ticketing system.

Attacker signs up for the Service and claims the domain as theirs. 
  No verification is done by the Service Provider, and the DNS-setup is already correctly setup.
Attacker can now build a complete clone of the real site, add a login form, redirect the user, steal credentials (e.g. admin accounts), cookies and/or completely destroy business credibility for your company.

MoinQ: DNS/hijacking/解説記事/detectify/herokugithubdesk (last edited 2023-09-16 05:01:10 by ToshinoriMaeno)