DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website.

As everyone knows every domain name depends on its name server to direct the user to go a particular IP address and when the name server get compromised user will be taken to another site which is not controlled directly by the original domain owner. See for example

www.jayacom.com.my
-> points to the name server ns1.yahoo.com
-> which points
www.jayacom.com.my -> some ip address
us.jayacom.com.my -> another ip address
mail.jayacom.com.my -> mail server ip etc
ftp.jayacom.com.my

So if ns1.yahoo.com is compromised the whole system goes down. The domain name owner of his machines or his firewall won’t give any security for such a hijacking.

Imagine the name server of a financial institution gets hijacked and redirect the user to a similar looking website. User won’t be notice that it’s a pishing attack as the url etc says the same but the underlying IP address is different. User might enter his user name and password trusting it as a legitimate website and that’s it…
Be careful and be aware of when such an attack is happening. Look for the HTTPS certificates while entering passwords to a financial website.

Explore More

Pay safe with your debit card/ bank card/ ATM card? Best practice to safe guard your PIN

In the world of convenience, people resort to different and convenient ways of spending. One such instance is the debit card which replaces cash. It is so convenient and so

Read More

Timing Attacks with HTML5

HTML 5 and related technologies bring a whole slew of new features to web browsers, some of which can be a threat to security and privacy. This paper describes a

Read More

Recommended Firewall Freebies

A couple of very good free firewall programs you might consider installing include * ZoneAlarm from http://www.zonelabs.com * SyGate from http://www.sygate.com TIP If you really like the idea of a

Read More