Sunday, May 5, 2024

DNS Hijacking Campaign Targeting Various Organizations Around the Globe

By Guru baran

A new wave of DNS Hijacking campaign targeting various domains organizations belonging to various government, telecommunications and internet infrastructure entities.

The campaign has targeted victims across the globe at an unprecedented scale at a high degree of success rate. Security researchers from FireEye tracked the activity for several months and the attackers explotiting it with high degree of success.

DNS hijacking is a type of Malicious attack that used to redirect the users to the malicious website when they visit the website via compromised routers or attackers modifying a server’s settings.

According to researchers the campaign is active from January 2017 to January 2019 and the attack not carried out by a single actor based on the timeframes, infrastructure, and service providers.

“Technical evidence shows that attack carried out by threat actors in Iran and the entities targeted and the activity aligns with Iranian government interests.”

DNS Hijacking Campaign

Threat actors followed multiple techniques to manipulate the DNS records.

With the first method attackers log in with the DNS provider’s administration panel and attackers points the A record IP of the domain top a different IP address. Then attackers uses Let’s Encrypt certificate to establish a secure connection without any certificate errors.

In the second method attackers gained access to the server and they will change the nameserver details and implement proxies to listen all the ports.

Third technique involves DNS Redirector which responds to DNS requests, with the previously modified A and NS records to redirect victim’s traffic to the servers controlled by attackers.

Researchers said a number of the organization affected with the patterns of DNS record manipulations and fraudulent SSL certificates.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Cloudflare Announced Internet’s Fastest DNS Service 1.1.1.1 that Extremely Focus on Consumer Privacy

New Phishing Attack Taking Advantages of Vulnerability in Office 365 to Bypass all of Microsoft’s Security

Managed WAF Protection

Website

Latest articles

Cyber Crime

Ex-Cybersecurity Consultant Jailed For Trading Confidential Data

Vincent Cannady, a professional who used to work as a consultant in the cybersecurity...
cyber security

Mal.Metrica Malware Hijacks 17,000+ WordPress Sites

Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request...
cyber security

Hackers Exploit Microsoft Graph API For C&C Communications

An emerging threat leverages Microsoft's Graph API to facilitate command-and-control (C&C) communications through Microsoft...
cyber security

ApacheMQ Authentication Flaw Let Unauthorized Users Perform Multiple Actions

Apache ActiveMQ is a Java based communication management tool for communicating with multiple components...
cyber security

68% of Data Breach Occurs Due to Social Engineering Attacks

In the latest edition of Verizon's Data Breach Investigations Report (DBIR) for 2024, a...
cyber security

U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers

The United States government has issued a stark warning about a new wave of...
Cisco

Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack

Cisco has disclosed multiple vulnerabilities in its IP Phone firmware that could severely impact...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]