This attack is unbelievably powerful, easy, and preventable. It’s the criminal’s best-kept secret. Much stealthier and more effective than dangling CNAMEs. We found many Russian-nexus actors, but we suspect there are more to be found. Please boost for awareness and hope we aren’t rediscovering this attack in another 6 years. Thanks to everyone who contributed to our understanding of the attack and the actors using it … including Proofpoint, @rmceoin Dave Safely, Mandatory, and @briankrebs @dnsoarc #sittingducks #dns #domainhijacking #cybercrime #cybersecurity #infosec #threatintel #malware #phishing #tds #vextrio #404tds #threatintelligence #infoblox @knitcode https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/
Who Knew? Domain Hijacking is So Easy | Infoblox

Learn about the insidious DNS attack vector that threat actors are using to hijack domains from major brands, government institutions, and other organizations, large and small. Find out how to determine whether your domain name is at risk.

Infoblox Blog
@InfobloxThreatIntel @rmceoin @briankrebs @dnsoarc @knitcode Isn't that just regular domain hijack TK register an account after the service went offline?
@pathetiq @rmceoin @briankrebs @dnsoarc @knitcode Not sure what you mean by regular. The use of Sitting Ducks by threat actors at scale and the breadth of exploitability is previously unpublished -- this is what is jaw-dropping. We have a variety of resource links to other known types of hijacks in the blog.