1. Forum
  2. tqw
  3. TQW GENTECH

  • Thousands of web domains hijacked in "sitting ducks" attack

    From TechnologyDaily@1337:1/100 to All on Friday, November 15, 2024 17:15:05
    Thousands of web domains hijacked in "sitting ducks" attack

    Date:
    Fri, 15 Nov 2024 17:03:00 +0000

    Description:
    A relatively unknown attack method is leaving thousands of websites compromised.

    FULL STORY ======================================================================"Sitting
    Ducks" attack allows crooks to take full control of target domain Almost a million websites vulnerable to takeover, experts warn Tens of thousands of websites already compromised this way

    Sitting Ducks might not be a particularly known method of cyberattacks, but
    it is still quite widespread, and pretty disruptive, experts have warned.

    A report from cybersecurity researchers at Infoblox Threat Intel claims
    almost a million websites are vulnerable, and roughly 70,000 were already compromised this way.

    In a new report, Infoblox notes although the attack vector has been around since 2018, it never garnered much attention from the media, or the cybersecurity community. Still, tens of thousands of victims have had their domain names hijacked since then, including well-known brands, non-profits, and government entities. The report hasnt named any organizations, though. Vipers, Hawks, and other predators

    during a Sitting Ducks attack, the threat actor gains full control of the target domain, by taking over its DNS configurations . This has many implications and carries heavy consequences. When hackers take full control
    of a domains DNS configuration, they can funnel compromised web traffic to malware, phishing sites, or spam networks. They can also deliver
    infostealers, engage in fraud, or affiliate cybercrime programs.

    However, Infoblox started monitoring the internet for Sitting Ducks attacks last summer, to alarming results: The results are very sobering, as 800,000 vulnerable domains were identified, and about 70,000 of those were later identified as hijacked.

    The researchers claim that there are multiple threat actors currently exploiting Sitting Ducks, including Vacant Viper, the OG of the exploit, hijacking an estimated 2,500 domains each year since late 2019.

    Another group, called Vextrio Viper, was seen using hijacked domains as part of their massive TDS infrastructure since early 2020. Infoblox says Vextrio runs the largest known cybercriminal affiliate program.

    It also mentioned new threat actors, such as Horrid Hawk, and Hasty Hawk, named as they swoop in and hijack vulnerable domains. You might also like
    What is DNS Hijacking and how can you avoid being a victim of it Here's a
    list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/thousands-of-web-domains-hijacked-in-si tting-ducks-attack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)