Hackers Using Sitting Ducks Attack To Hijack Domains, 1 Million Domains Vulnerable
Over 1 million registered domains could be vulnerable to a cyberattack method known as “Sitting Ducks,” as recently unveiled in a new report from Infoblox Threat Intel. This relatively unknown attack vector allows malicious actors to hijack legitimate domains by exploiting misconfigurations in DNS settings. The Sitting Ducks attack, which has been active since 2018, enables threat actors to gain full control of a domain by taking over its DNS configurations. Infoblox’s monitoring initiative identified approximately 800,000 vulnerable domains, with about 70,000 of those already hijacked. Threat Groups Several threat actor groups have been exploiting this attack vector: The attack is particularly dangerous due to its stealthy nature. Hijacked domains often retain their positive reputation which allows them to evade detection by security tools. This makes it challenging for security teams to identify and mitigate the threat. The impact of Sitting Ducks attacks is far-reaching, affecting organizations, individuals, and security teams. Businesses face reputational damage, while individuals risk malware infections, credential theft, and fraud. Security teams struggle to defend against these attacks due to the use of trusted domains in malicious infrastructure. To protect against Sitting Ducks attacks, domain holders, registrars, and DNS providers must ensure correct configurations and implement proper ownership verification processes. Increased awareness and vigilance within the cybersecurity community are crucial to addressing this growing threat. Credit: Cybersecurity News
Hackers Using Sitting Ducks Attack To Hijack Domains, 1 Million Domains Vulnerable Read More »