DNS Hijacking

DNS hijacking is an attack where an attacker modifies DNS records to redirect traffic to a malicious server. It can occur through compromising a domain registrar account, exploiting router vulnerabilities to modify DNS settings, or via malicious DNS resolvers. DNS hijacking was behind several high-profile attacks on financial institutions in 2019. Mitigations include DNSSEC, registry lock services, multi-factor authentication on registrar accounts, and monitoring DNS changes.

Why it matters for your website

• 1Can result in traffic interception, phishing attacks using your domain, or service disruption
• 2Often discovered and exploited before organizations notice
• 3Preventable with proper monitoring and defensive DNS configuration