Explore the critical role of DNS security in protecting networks from threats like DNS spoofing, cache poisoning, tunneling, and hijacking. These articles cover DNSSEC implementation, DNS monitoring best practices, and strategies for securing your domain name infrastructure against modern attacks.
posts
In April 2024, researchers at Akamai discovered a massive DNS hijacking campaign targeting financial institutions across Southeast Asia. Attackers poisoned DNS caches at the ISP level, silently redirecting thousands of banking customers to pixel-perfect phishing sites. Victims entered their credentials on pages that looked identical to their bank's
In April 2024, security researchers at Akamai reported a massive DNS hijacking campaign targeting over 600 domains, redirecting users to credential harvesting pages that looked identical to legitimate banking and email portals. Victims had no idea they were on a fake site. Their browsers showed no warnings. The URLs looked
In April 2018, attackers hijacked the DNS servers used by MyEtherWallet and redirected users to a phishing site hosted in Russia. The entire attack lasted roughly two hours. In that window, victims lost around $17 million in cryptocurrency — simply because their browsers resolved a legitimate domain name to a malicious
In April 2018, attackers hijacked the DNS records for Amazon's Route 53 service, redirecting traffic meant for MyEtherWallet.com to a malicious server in Russia. Users who typed the correct URL into their browsers still landed on a fake site. Within two hours, attackers stole roughly $150,000
In April 2022, researchers at Avast discovered that the GhostDNS botnet had compromised over 100,000 home routers across Brazil — silently redirecting banking customers to pixel-perfect phishing pages. Victims typed their real bank URLs into their browsers. The addresses looked correct. But every keystroke landed on a threat actor'
Your Employees Think They're on Your Bank's Website. They're Not. In April 2022, researchers at Avast documented a campaign where threat actors compromised home routers to execute a DNS spoofing attack that redirected users trying to visit legitimate banking sites to near-perfect credential theft
