SlideShare a Scribd company logo

DNS Hijacking: What Is It And How It Can Affect You?

Abraxas Market
Abraxas Market
1 of 4
Download to read offline
DNS Hijacking: What Is It And How It Can Affect You? 858 DNS hijacking is not a very well-known phenomenon outside the web specialists' circle, but it could be a dangerous tool when used against you. DNS hijacking, also known as silent server swaps, is a malicious attack vector that can be used to forcibly redirect web traffic to websites that are either fake or different from the ones you've requested. This type of attack becomes possible when the computer's TCP/IP settings are overridden through the use of malicious software. https://en.wikipedia.org/wiki/Silk_Road_(marketplace) can also gain control of a DNS server by modifying its settings, either manually or via malware. These are the two main types of DNS hijacking. How Does It Work? In order to understand what DNS hijacking is and the risk it poses to your own online security and privacy, there are a few processes you need to know about. The Domain Name System (DNS) was created to make the web more usable by humans. Every website on the internet lives on a physical location, which is commonly a server. These servers and everything else that is connected to the internet has an Internet Protocol (IP) address that corresponds to its location. Since it is not possible for us humans to memorize the IP addresses of all our favorite services, DNS was invented. This system streamlines the process by matching the web addresses we provide with the IP addresses of the server or servers that host the website. A DNS server has one job: to match domain names with their corresponding numerical addresses. Once his response matches a domain name to a specific server, it relays back the information to your device, making it possible to connect with the website you've requested. Now that you have a good understanding of the role a DNS server plays, here is how it can be used against you for malicious gain. DNS Hijacking: A Major Security Threat Right now, the reason you're on this website and not on some advertisement-ridden page is because your computer has the right DNS settings. These have either been provided by
Google, the Internet Corporation for Assigned Names and Numbers (ICANN), or your Internet Service Provider (ISP). If these settings are compromised in any way, be it via your unprotected router or through the use of Trojan malware , your computer could be communicating with the wrong DNS server, one with a different set of addresses and a malicious agenda. Of course, DNS servers don't turn rogue all by themselves. Malicious actors can hijack” the server and create alternate IP addresses for the domain names, leaving you and your computer at the mercy of illegitimate services and fake websites that can compromise your online privacy. The Applications of DNS Hijacking So, how can this affect your online security? The answer to that question is: in a number of ways. For instance: DNS Hijacking Can Be Used For Phishing Attacks Picture this: you've just opened your bank's online webpage and filled in your login credentials in order to access your online account, but something's not right. For some reason, no matter how many times you repeat the process, you can't get in. If the DNS that your computer is using has been hijacked, then you have just given your bank account's login credentials to a bunch of unknown hackers. As you probably already know, identity theft is a rampant form of cybercrime that can destroy your entire livelihood even without your knowledge. This could be a damaging real-life scenario. Hijacked DNS servers are commonly used to orchestrate phishing attacks on unsuspecting people. By creating a replica of the webpage you intended to visit, cybercriminals can trick you into giving them important information that will ultimately compromise your privacy. check -scale cyber attack using this exact tactic was orchestrated a few years ago targeting The New York Times, Twitter, The Huffington Post and other major websites. That's not the end of it, unfortunately. A Hijacked DNS Server Can Be Used For Pharming the process of using illegitimate avenues to generate clicks
If you're unfamiliar with pharming, it is the process by which online presences use illegitimate avenues to generate clicks and ad impressions for monetary gain. A hijacked DNS server can be used to divert traffic from its intended destination to a page filled with endless pop-ups and ads. For the unfortunate victim, this can be quite an annoyance especially since it occurs so unexpectedly. Meanwhile, the people behind the pharming scheme generate a lot of income from ad impressions and clicks. Before you wave this off as nothing more than a mild annoyance, remember that you will be conscripted as an aider and abettor of fraud committed against ad companies. In How to Shop on the Dark Web , your computer will be exposed to websites with browser-based exploits, which will then be deployed into your system to wreak havoc. Governments Use DNS Hijacking to Enforce Web Censorship
Unfortunately, cybersecurity threats such as computer viruses and malicious ads are not all you have to worry about when you're a victim of DNS hijacking. Some countries have been known to modify” their own DNS servers in order to restrict access to some websites. This censorship strategy redirects computers to approved” sites every time they try to connect to a blocked” website. The worst part is that it can be done without your knowledge or consent. How to Protect Your Computer from DNS Hijacking Update your router's firmware and change its password (especially if you're still using the default password). Use a VPN (Virtual Private Network) to access the internet. This hides your DNS requests from third parties and encrypts all your traffic. It's also a key safeguard to protect your online privacy and security, overall. Install antivirus software on your computer. If your DNS settings cannot be altered by Trojan malware, you'll be safe from attacks of such nature.

Recommended

Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSyed Ali Mujtaba Jaffary
 
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid Them
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid ThemInfoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid Them
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid ThemJennifer Nichols
 
DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)Fatima Qayyum
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfanjandavid
 
DDoS mitigation in the real world
DDoS mitigation in the real worldDDoS mitigation in the real world
DDoS mitigation in the real worldMichael Renner
 
Dns
DnsDns
DnsDom Mike
 
Dns
DnsDns
Dnsprincejhulan
 

Recommended

Spamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSpamming, spoofing, Dos&DDos attack
Spamming, spoofing, Dos&DDos attackSyed Ali Mujtaba Jaffary
 
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid Them
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid ThemInfoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid Them
Infoblox White Paper - Top Five DNS Security Attack Risks and How to Avoid ThemJennifer Nichols
 
DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)DNS spoofing/poisoning Attack Report (Word Document)
DNS spoofing/poisoning Attack Report (Word Document)Fatima Qayyum
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfanjandavid
 
DDoS mitigation in the real world
DDoS mitigation in the real worldDDoS mitigation in the real world
DDoS mitigation in the real worldMichael Renner
 
Dns
DnsDns
DnsDom Mike
 
Dns
DnsDns
Dnsprincejhulan
 
Web server security challenges
Web server security challengesWeb server security challenges
Web server security challengesMartins Chibuike Onuoha
 
What is ransomware?
What is ransomware?What is ransomware?
What is ransomware?Milan Santana
 
Dns protection
Dns protectionDns protection
Dns protectionMarcello Marchesini
 
DNS Advanced Attacks and Analysis
DNS Advanced Attacks and AnalysisDNS Advanced Attacks and Analysis
DNS Advanced Attacks and AnalysisCSCJournals
 
DDoS Hurts Everyone
DDoS Hurts EveryoneDDoS Hurts Everyone
DDoS Hurts EveryoneDNS Made Easy
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attackmarada0033
 
Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?ahanashrin
 
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...Trojan Hunt India
 
Improving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation ServicesImproving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation Serviceswhitehat 'People'
 
Hackers dictionary
Hackers dictionaryHackers dictionary
Hackers dictionaryTabraiz Bukhari
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its DefenceGreater Noida Institute Of Technology
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacksSaptha Wanniarachchi
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersSpouse Ware
 
Security Assessment
Security AssessmentSecurity Assessment
Security AssessmentAnil Nayak
 
Kipp berdiansky on network security
Kipp berdiansky on network securityKipp berdiansky on network security
Kipp berdiansky on network securityKipp Berdiansky
 
How to Know if You Got DDoSed
How to Know if You Got DDoSedHow to Know if You Got DDoSed
How to Know if You Got DDoSedShubhamGupta410081
 
SOPA 4 dummies
SOPA 4 dummiesSOPA 4 dummies
SOPA 4 dummieswremes
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxDoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxmadlynplamondon
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against propertyvarunbamba
 

More Related Content

Similar to DNS Hijacking: What Is It And How It Can Affect You?

DNS Advanced Attacks and Analysis
DNS Advanced Attacks and AnalysisDNS Advanced Attacks and Analysis
DNS Advanced Attacks and AnalysisCSCJournals
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attackmarada0033
 
Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?ahanashrin
 
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...Trojan Hunt India
 
Improving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation ServicesImproving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation Serviceswhitehat 'People'
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacksSaptha Wanniarachchi
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersSpouse Ware
 
Security Assessment
Security AssessmentSecurity Assessment
Security AssessmentAnil Nayak
 
Kipp berdiansky on network security
Kipp berdiansky on network securityKipp berdiansky on network security
Kipp berdiansky on network securityKipp Berdiansky
 
SOPA 4 dummies
SOPA 4 dummiesSOPA 4 dummies
SOPA 4 dummieswremes
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxDoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxmadlynplamondon
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against propertyvarunbamba
 

Similar to DNS Hijacking: What Is It And How It Can Affect You? (20)

Web server security challenges
Web server security challengesWeb server security challenges
Web server security challenges
 
What is ransomware?
What is ransomware?What is ransomware?
What is ransomware?
 
Dns protection
Dns protectionDns protection
Dns protection
 
DNS Advanced Attacks and Analysis
DNS Advanced Attacks and AnalysisDNS Advanced Attacks and Analysis
DNS Advanced Attacks and Analysis
 
DDoS Hurts Everyone
DDoS Hurts EveryoneDDoS Hurts Everyone
DDoS Hurts Everyone
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attack
 
Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?Are ransomware attacks the problem for web hosting firms?
Are ransomware attacks the problem for web hosting firms?
 
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
What are the Most Common Malware Attack Types You Should Know by Trojan Hunt ...
 
Improving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation ServicesImproving Network Security with IP &DNS Reputation Services
Improving Network Security with IP &DNS Reputation Services
 
Hackers dictionary
Hackers dictionaryHackers dictionary
Hackers dictionary
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
Protecting your business from ddos attacks
Protecting your business from ddos attacksProtecting your business from ddos attacks
Protecting your business from ddos attacks
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From Hackers
 
Security Assessment
Security AssessmentSecurity Assessment
Security Assessment
 
Kipp berdiansky on network security
Kipp berdiansky on network securityKipp berdiansky on network security
Kipp berdiansky on network security
 
How to Know if You Got DDoSed
How to Know if You Got DDoSedHow to Know if You Got DDoSed
How to Know if You Got DDoSed
 
SOPA 4 dummies
SOPA 4 dummiesSOPA 4 dummies
SOPA 4 dummies
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docxDoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHacking
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against property
 

DNS Hijacking: What Is It And How It Can Affect You?

  • 1. DNS Hijacking: What Is It And How It Can Affect You? 858 DNS hijacking is not a very well-known phenomenon outside the web specialists' circle, but it could be a dangerous tool when used against you. DNS hijacking, also known as silent server swaps, is a malicious attack vector that can be used to forcibly redirect web traffic to websites that are either fake or different from the ones you've requested. This type of attack becomes possible when the computer's TCP/IP settings are overridden through the use of malicious software. https://en.wikipedia.org/wiki/Silk_Road_(marketplace) can also gain control of a DNS server by modifying its settings, either manually or via malware. These are the two main types of DNS hijacking. How Does It Work? In order to understand what DNS hijacking is and the risk it poses to your own online security and privacy, there are a few processes you need to know about. The Domain Name System (DNS) was created to make the web more usable by humans. Every website on the internet lives on a physical location, which is commonly a server. These servers and everything else that is connected to the internet has an Internet Protocol (IP) address that corresponds to its location. Since it is not possible for us humans to memorize the IP addresses of all our favorite services, DNS was invented. This system streamlines the process by matching the web addresses we provide with the IP addresses of the server or servers that host the website. A DNS server has one job: to match domain names with their corresponding numerical addresses. Once his response matches a domain name to a specific server, it relays back the information to your device, making it possible to connect with the website you've requested. Now that you have a good understanding of the role a DNS server plays, here is how it can be used against you for malicious gain. DNS Hijacking: A Major Security Threat Right now, the reason you're on this website and not on some advertisement-ridden page is because your computer has the right DNS settings. These have either been provided by
  • 2. Google, the Internet Corporation for Assigned Names and Numbers (ICANN), or your Internet Service Provider (ISP). If these settings are compromised in any way, be it via your unprotected router or through the use of Trojan malware , your computer could be communicating with the wrong DNS server, one with a different set of addresses and a malicious agenda. Of course, DNS servers don't turn rogue all by themselves. Malicious actors can hijack” the server and create alternate IP addresses for the domain names, leaving you and your computer at the mercy of illegitimate services and fake websites that can compromise your online privacy. The Applications of DNS Hijacking So, how can this affect your online security? The answer to that question is: in a number of ways. For instance: DNS Hijacking Can Be Used For Phishing Attacks Picture this: you've just opened your bank's online webpage and filled in your login credentials in order to access your online account, but something's not right. For some reason, no matter how many times you repeat the process, you can't get in. If the DNS that your computer is using has been hijacked, then you have just given your bank account's login credentials to a bunch of unknown hackers. As you probably already know, identity theft is a rampant form of cybercrime that can destroy your entire livelihood even without your knowledge. This could be a damaging real-life scenario. Hijacked DNS servers are commonly used to orchestrate phishing attacks on unsuspecting people. By creating a replica of the webpage you intended to visit, cybercriminals can trick you into giving them important information that will ultimately compromise your privacy. check -scale cyber attack using this exact tactic was orchestrated a few years ago targeting The New York Times, Twitter, The Huffington Post and other major websites. That's not the end of it, unfortunately. A Hijacked DNS Server Can Be Used For Pharming the process of using illegitimate avenues to generate clicks
  • 3. If you're unfamiliar with pharming, it is the process by which online presences use illegitimate avenues to generate clicks and ad impressions for monetary gain. A hijacked DNS server can be used to divert traffic from its intended destination to a page filled with endless pop-ups and ads. For the unfortunate victim, this can be quite an annoyance especially since it occurs so unexpectedly. Meanwhile, the people behind the pharming scheme generate a lot of income from ad impressions and clicks. Before you wave this off as nothing more than a mild annoyance, remember that you will be conscripted as an aider and abettor of fraud committed against ad companies. In How to Shop on the Dark Web , your computer will be exposed to websites with browser-based exploits, which will then be deployed into your system to wreak havoc. Governments Use DNS Hijacking to Enforce Web Censorship
  • 4. Unfortunately, cybersecurity threats such as computer viruses and malicious ads are not all you have to worry about when you're a victim of DNS hijacking. Some countries have been known to modify” their own DNS servers in order to restrict access to some websites. This censorship strategy redirects computers to approved” sites every time they try to connect to a blocked” website. The worst part is that it can be done without your knowledge or consent. How to Protect Your Computer from DNS Hijacking Update your router's firmware and change its password (especially if you're still using the default password). Use a VPN (Virtual Private Network) to access the internet. This hides your DNS requests from third parties and encrypts all your traffic. It's also a key safeguard to protect your online privacy and security, overall. Install antivirus software on your computer. If your DNS settings cannot be altered by Trojan malware, you'll be safe from attacks of such nature.