DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website.

As everyone knows every domain name depends on its name server to direct the user to go a particular IP address and when the name server get compromised user will be taken to another site which is not controlled directly by the original domain owner. See for example

www.jayacom.com.my
-> points to the name server ns1.yahoo.com
-> which points
www.jayacom.com.my -> some ip address
us.jayacom.com.my -> another ip address
mail.jayacom.com.my -> mail server ip etc
ftp.jayacom.com.my

So if ns1.yahoo.com is compromised the whole system goes down. The domain name owner of his machines or his firewall won’t give any security for such a hijacking.

Imagine the name server of a financial institution gets hijacked and redirect the user to a similar looking website. User won’t be notice that it’s a pishing attack as the url etc says the same but the underlying IP address is different. User might enter his user name and password trusting it as a legitimate website and that’s it…
Be careful and be aware of when such an attack is happening. Look for the HTTPS certificates while entering passwords to a financial website.

Explore More

Hacking PHP 4.4

This tut Shows how to hack Sites running: Php 4.4 Sites. Step 1 – Search for them Yep,make a Google dork to find sites running Apache and PHP 4.4 .

Read More

You’ve Hired a Hacker (Section 4)

Section 4: Stimulus and response 4.1: My hacker did something good, and I want to reward him. Good! Here are some of the things most hackers would like to receive

Read More

Windows XP Users: Careful With That F1 Button!

Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use

Read More