14,932
edits
Changes
no edit summary
'''Domain Name Hijacking''' or Domain Hijacking refers to the security breach that occurs when an outside agent, such as a hacker, gains control over a domain registered to another individual or organization.<ref name="report">[http://archive.icann.org/en/announcements/hijacking-report-12jul05.pdf Domain Name Hijacking: Incidents, Threats, Risks, and Remedial Actions] (PDF), ICANN's SSAC</ref><ref name="go">[http://www.gohacking.com/how-domain-name-is-hijacked-how-to-protect/ How a Domain Name is Hijacked and How to Protect it] by Srikanth Ramesh, GoHacking.com</ref> Hijacking can be accomplished via various practices and often results in domain name registrants losing control of their domains as traffic is redirected to a different site, the content of the original site is changed, or the outside agent switches the control of the name through the registrar. <ref name="go"/> This practice has reportedly tripled since 2005 and is related to [[Reverse Domain Name Hijacking]]<ref name="cio">[http://www.cio.com/article/699206/4_Ways_to_Prevent_Domain_Name_Hijacking_?page=1&taxonomyId=3089 4 Ways to Prevent Domain Name Hijacking] by Meridith Levinson (February 1, 2012), CIO</ref>
'''Domain Name Hijacking''' or Domain Hijacking refers to the security breach that occurs when an outside agent, such as a hacker, gains control over a domain registered to another individual or organization.<ref name="report">[http://archive.icann.org/en/announcements/hijacking-report-12jul05.pdf Domain Name Hijacking: Incidents, Threats, Risks, and Remedial Actions] (PDF), ICANN's SSAC</ref><ref name="go">[http://www.gohacking.com/how-domain-name-is-hijacked-how-to-protect/ How a Domain Name is Hijacked and How to Protect it] by Srikanth Ramesh, GoHacking.com</ref> Hijacking can be accomplished via various practices and often results in domain name registrants losing control of their domains as traffic is redirected to a different site, the content of the original site is changed, or the outside agent switches the control of the name through the registrar. <ref name="go"/> This practice has reportedly tripled since 2005 and is related to [[Reverse Domain Name Hijacking]]<ref name="cio">[http://www.cio.com/article/699206/4_Ways_to_Prevent_Domain_Name_Hijacking_?page=1&taxonomyId=3089 4 Ways to Prevent Domain Name Hijacking] by Meridith Levinson (February 1, 2012), CIO</ref>
==Types of Redirection==
Also called DNS Hijacking, this practice refers to situations in which queries are incorrectly resolved in order to redirect users to malicious sites due after perpetrators have installed [[Malware]] on user computers, taken over routers, or intercepted [[DNS]] communication.<ref>[https://www.imperva.com/learn/application-security/dns-hijacking-redirection/ DNS Redirection, Imperva]</ref>
* Local - when Trojan malware is installed on a user’s computer, it changes the local DNS settings to redirect the user to malicious destinations.
* Router - when attackers take over routers, they can overwrite DNS settings.
* Man in the middle - attackers intercept communication between a user and a server and change the destination [[IP address]].
* Rogue server - when a server is hacked and the DNS records are changed to redirect DNS requests to malicious sites.
==Public Perception==
==Public Perception==