DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website.

As everyone knows every domain name depends on its name server to direct the user to go a particular IP address and when the name server get compromised user will be taken to another site which is not controlled directly by the original domain owner. See for example

www.jayacom.com.my
-> points to the name server ns1.yahoo.com
-> which points
www.jayacom.com.my -> some ip address
us.jayacom.com.my -> another ip address
mail.jayacom.com.my -> mail server ip etc
ftp.jayacom.com.my

So if ns1.yahoo.com is compromised the whole system goes down. The domain name owner of his machines or his firewall won’t give any security for such a hijacking.

Imagine the name server of a financial institution gets hijacked and redirect the user to a similar looking website. User won’t be notice that it’s a pishing attack as the url etc says the same but the underlying IP address is different. User might enter his user name and password trusting it as a legitimate website and that’s it…
Be careful and be aware of when such an attack is happening. Look for the HTTPS certificates while entering passwords to a financial website.

Explore More

Critical XSS Vulnerability in Shwe Myanmar http://www.shwemyanmar.net

PlanetCreator has reported another Critical XSS Vulnerability in Shwe Myanmar http://www.shwemyanmar.net Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers

Read More

What are the various modes of system security testing?

The various modes of system security testing are as follows: 1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be

Read More

SQL injection Basic Tutorial

One of the major problems with SQL is its poor security issues surrounding is the login and url strings.this tutorial is not going to go into detail on why these

Read More