DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website.

As everyone knows every domain name depends on its name server to direct the user to go a particular IP address and when the name server get compromised user will be taken to another site which is not controlled directly by the original domain owner. See for example

www.jayacom.com.my
-> points to the name server ns1.yahoo.com
-> which points
www.jayacom.com.my -> some ip address
us.jayacom.com.my -> another ip address
mail.jayacom.com.my -> mail server ip etc
ftp.jayacom.com.my

So if ns1.yahoo.com is compromised the whole system goes down. The domain name owner of his machines or his firewall won’t give any security for such a hijacking.

Imagine the name server of a financial institution gets hijacked and redirect the user to a similar looking website. User won’t be notice that it’s a pishing attack as the url etc says the same but the underlying IP address is different. User might enter his user name and password trusting it as a legitimate website and that’s it…
Be careful and be aware of when such an attack is happening. Look for the HTTPS certificates while entering passwords to a financial website.

Explore More

Password breaking service (Stolen password recovery)

Last month we had about 400 emails asking details on how to break into the email account. The reason many of them put forward are ‘they forgot and got important

Read More

DDoS Attack on Myanmar Takes the Country Offline

The main Internet provider for Myanmar, the southeast Asian nation formerly known as Burma, has been under severe denial of service attack since at least October 25, according to the

Read More

Single-line attack infects thousands of Web sites

Thousands of Web sites have fallen victim to an attack using just one line of code that maliciously re-directs browsers via Javascript to servers that are hosting a variety of

Read More