Threat of the month: Domain hijacking

Share this article:
Threat of the month: Domain hijacking
Threat of the month: Domain hijacking

What is it? 

Domain hijacking is a popular attack technique that has been used to compromise major domains. 

How does it work? 

Attackers use social engineering or other tactics to gain access to credentials of the registrar.  

Should I be worried? 

Yes. If attackers gain access to your domain name system (DNS) records, your business and brand reputation are at risk. Attackers can redirect your web traffic to malicious websites to infect your customers with malware. They can also send and receive phony emails as your business and obtain an SSL certis in your name.

How can I prevent it? 

First, ask for the results of your registrar's last security audit to ensure they have comprehensive security measures in place. Next, apply registry locks to prevent unauthorized domain changes. With registry locks in place, authorization from the top-level domain (TLD) owner and a secondary form of authentication are required to make changes.

Share this article:
close

Next Article in Threat of the Month

Sign up to our newsletters

More in Threat of the Month

Threat of the month: Linksys router zero-day

Threat of the month: Linksys router zero-day

This month's vulnerability is currently being exploited by a worm known as "TheMoon."

Threat of the month: Java vulnerabilities

Threat of the month: Java vulnerabilities

For March's threat of the month, Secunia's Kasper Lindgaard believes Java vulnerabilities should be at the top of everyone's radar.

Threat of the month: Government agencies

Threat of the month: Government agencies

The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments.