Sitting Ducks' Attacks Create Hijacking Threat for Domain Name Owners

02-August-24

More than a dozen Russian cybercriminals are exploiting vulnerabilities in the Domain Name System (DNS) through the “Sitting Ducks” attack, targeting DNS providers and gaining unauthorized access to registered domains. This allows them to conduct malicious activities such as malware delivery, phishing, and data exfiltration, with over 1 million domains potentially susceptible daily. Researchers from Infoblox and Eclypsium note that these attacks are easy to execute and hard to detect but are entirely preventable. They urge domain owners, particularly those with domains 10 years or older, to assess and mitigate their DNS risks, offering detailed guidance on their blog.

Read More…