The "SubdoMailing" ad fraud campaign is leveraging over 8,000 legitimate domains and 13,000 subdomains to dispatch up to five million scam and malvertising emails daily. This operation exploits abandoned domains and subdomains of reputable companies, thus evading spam filters and misusing established SPF and DKIM email policies to appear legitimate.
Dangling DNS records were abused by researchers to hijack subdomains belonging to major organisations, warning that thousands of entities are impacted. According to securityweek.com, researchers have abused dangling DNS records to hijack subdomains belonging to over a dozen major organisations, and they warn that thousands of entities are vulnerable to such attacks. Read this and more great reporting from the author Eduard Kovacs on the link below.
Ferrari had its Corporate Identity stolen and used to host a scam promoting a fake Ferrari NFT collection. According to bleepingcomputer.com, ethical hacker and bug bounty hunter Sam Curry reported that the Ferrari subdomain forms.ferrari.com was hosting a fake NFT scam. Read this and more great reporting from the author Ax Sharma on the link below.
The Department for Transport (DfT) of the UK Government had its Identity stolen and used to expose end-users to explicit adult material. According to bleepingcomputer.com, the domain name identity charts.dft.gov.uk was hijacked. The hackers directed all visitors to this domain name to a web page containing explicit adult material. Read this and more great reporting from the author Ax Sharma on the link below.
The current President of the United States had his identity stolen by hackers and used for website vandalism. Securityweek.com reported on November 23, 2020 that Joe Biden had the domain name identity vote.joebiden.com hijacked. It is not known to us if then hackers used the identity to target Joe Bides ecosystem. Read this and more great reporting from securityweek.com on the link below.
Wired is reporting that a hacker group, named "Sea Turtle" by Cisco's Talos security division, has exploited a long-standing vulnerability in internet security: DNS hijacking. This group targeted 40 entities, including many in the governmental sector from the Middle East and North Africa. By manipulating the internet's directory, they intercepted various internet communications, endangering traffic across numerous national domains.
2024-03-29, Sectigo Limited
Root Causes 373: Massive Brand Hijack Subverts More Than 21,000 Domains and Subdomains
2024-02-26, Tim Callan
Root Causes 365: What Is Subdomain Hijacking?
2024-02-26, bleepingcomputer.com
Hijacked subdomains of major brands used in massive spam campaign
2024-02-26, Guardio Labs
“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails
2024-02-07, TMFE Pty Ltd
Episode 240 Deep Dive: Cricket Liu | The Past, Present, and Future of DNS: Security Evolution, Collaboration, and Maximizing Infrastructure Efficiency
2023-12-15, csoonline.com
Cloud squatting: How attackers can use deleted cloud assets against you
2023-12-01, cpomagazine.com
The Glaring Gap in Your Cybersecurity Posture: Domain Security
2023-11-01, thedrive.com
Lawsuit Claims ‘Nissan.com’ Has Been Stolen After Years of Legal Drama
2023-11-01, cryptopotato.com
Frax Finance Reports Domain Hijacking Incident
2023-10-31, darkreading.com
'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains
2023-10-06, cointelegraph.com
Galxe protocol experiences DNS attack, losses $150K
2023-09-27, darkreading.com
Identity attacks, which often involve impersonation and privilege escalation, are a growing persistent threat to organizations worldwide.
2023-09-26, networkworld.com
DNS security poses problems for enterprise IT
2023-09-21, cointelegraph.com
Balancer blames ‘social engineering attack’ on DNS provider for website hijack
2023-08-31, securityweek.com
Dangling DNS Used to Hijack Subdomains of Major Organizations
2023-07-24, circleid.com
Three Reasons Why CISOs Need to Know How Their Company Is Managing Their Domains
2023-07-14, SiliconANGLE Media Inc
Attackers target the Domain Name System, the internet’s phone book. Here’s how to fight back
2023-06-30, asec.ahnlab.com
Malware Execution Method Using DNS TXT Record
2023-04-18, Corporation Service Company (CSC)
Subdomain hijacking vulnerabilities report
2023-02-17, arstechnica.com
GoDaddy says a multi-year breach hijacked customer websites and accounts
2023-01-26, futurism.com
Hackers Took Over a Subdomain of Wired.com for Several Months and Replaced It With Sleazy Online Casino Content
2022-09-21, Bleeping Computer LLC
Domain shadowing becoming more popular among cybercriminals
2022-08-25, Future Publishing Limited Quay House
DNS is now more important than ever for internet traffic
2022-08-18, Cointelegraph
Celer Network shuts down bridge over potential DNS hijacking
2022-08-10, Tron Weekly
Curve Finance’s Hackers Loot $570K Via DNS Hijacking
2022-07-02, CryptoPotato
DNS Hijack Compromised Ankr’s Services for Polygon and Fantom
2022-06-24, Defiant Media Inc
Hackers Step Up Attempts to Hijack DeFi Websites
2022-06-24, Yahoo Inc
Hackers Step Up Attempts to Hijack DeFi Websites Convex's Domain Name Server Targeted in Latest Spoofing Exploit
2022-06-13, The Hacker News
Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks
2022-05-06, Bleeping Computer LLC
Ferrari subdomain hijacked to push fake Ferrari NFT collection
2022-03-29, Help Net Security
Subdomain takeover attacks on the rise and harder to monitor
2021-11-25, Bleeping Computer LLC
UK government transport website caught showing porn
2021-11-25, The Crow
A Gov.uk site dedicated to porn? Absolutely. Best of British Porn? Not Quite.
2021-10-21, Reed Exhibitions Ltd
72% of Organizations Experienced a DNS Attack in the Past Year
2021-09-23, Saint Bitts LLC - Bitcoin.com
Hackers Compromise Web Portal Bitcoin.org — DNS Hijack Replaces Site With BTC Doubler Scam
2021-09-03, Bleeping Computer LLC
Over 60,000 parked domains were vulnerable to AWS hijacking
2021-05-24, CircleID
“It’s Always DNS!” Why DNS Is the Biggest Single Point of Failure in the New Norm
2021-03-15, The Record by Recorded Future
DNS hijacks at two cryptocurrency sites point the finger at GoDaddy, again
2021-02-28, The Perl Foundation
The Hijacking of Perl.com
2020-11-23, Wired Business Media
Subdomain of Official Joe Biden Campaign Website Defaced by Turkish Hacker
2020-06-07, Sophos Ltd
Company web names hijacked via outdated cloud DNS records
2020-04-17, The Spamhaus Project SLU
The Current State of Domain Hijacking, and a specific look at the ongoing issues at GoDaddy
2019-06-17, IDG Communications, Inc
DNS hijacking grabs headlines, but it’s just the tip of the iceberg
2019-04-17, WIRED Media Group
Cyberspies Hijacked the Internet Domains of Entire Countries
2019-04-17, Cisco Systems, Inc
DNS Hijacking Abuses Trust In Core Internet Service
2019-04-07, Forbes
Gmail, Netflix and PayPal Users Targeted In DNS Hijacking Campaign
2019-02-23, Techcrunch
ICANN warns of “ongoing and significant” attacks against internet’s DNS infrastructure
2019-02-18, Krebs on Security
A Deep Dive on the Recent Widespread DNS Hijacking Attacks
2019-02-18, WIRED Media Group
Inside the DNSpionage hacks that hijack domains at an unprecedented scale
2018-12-11, Threatpost
Linux.org Redirected to NSFW Page Spewing Racial Epithets
2018-01-14, Bleeping Computer LLC
Hackers Hijack DNS Server of BlackWallet to Steal $400,000
2013-08-27, The Washington Post
The New York Times Web site was taken down by DNS hijacking. Here’s what that means.
2024-02-13, UK NCSC
Phishing attacks: defending your organisation
2023-01-22, US Government CISA
Emergency Directive 19-01
2019-09-19, US Government CISA
Mitigate DNS Infrastructure Tampering
2019-06-12, UK Government NCSC
Ongoing DNS hijacking and mitigation advice
2019-02-12, US Government CISA
DNS Infrastructure Hijacking Campaign
2019-02-05, UK Government NCSC
DNS hijacking activity
2022-10-25, Gautam Akiwate, Raffaele Sommese, Mattijs Jonker, Zakir Durumeric, KC Claffy, Geoffrey M. Voelker, Stefan Savage
Retroactive Identification of Targeted DNS Infrastructure Hijacking
2021-11-22, Rebekah Houser; Shuai Hao; Zhou Li; Daiping Liu; Chase Cotton; Haining Wang
A Comprehensive Measurement-based Investigation of DNS Hijacking
2020-11-02, Eihal Alowaisheq, Siyuan Tang, Zhihao Wang, Fatemah Alharbi, Xiaojing Liao, XiaoFeng Wang
Zombie Awakening: Stealthy Hijacking of Active Domains through DNS Hosting Referral
2020-04-08, Asadullah Shaikh, Bhavika Pardeshi, Faraz Dalvi
Overcoming Threats and Vulnerabilities in DNS
2019-02-07, Rashid, S. M. Zia Ur & Kamrul, Md. Imtiaz & Alam, Asraful.
Understanding the Security Threats of Esoteric Subdomain Takeover and Prevention Scheme.
2017-10-30, Thomas Vissers, Timothy Barron, Tom Van Goethem, Wouter Joosen, Nick Nikiforakis
The Wolf of Name Street: Hijacking Domains Through Their Nameservers
2016-10-24, Daiping Liu, Shuai Hao, Haining Wang
All Your DNS Records Point to Us: Understanding the Security Threats of Dangling DNS Records
2015-07-09, Xue, Jupo Liu, Yang Chang, Peng Xiao, Jun
Design and Implementation of Domain Hijacking Detection System
2005-10-19, Venugopalan Ramasubramanian and Emin Gun Sirer
Perils of Transitive Trust in the Domain Name System
