In a classic case of the biter bit, the WikiLeaks website has fallen victim to a Domain Name System (DNS) hijacking – a technique that effectively allows hackers to raid the Internet phonebook. They can then use malicious software to seize control of a website by annexing its human or data traffic, without even needing to penetrate its servers. Their next move is to redirect their victims to an authentic-looking web page that’s laced with malware.
While the WikiLeaks attack looks like no more than a high-profile prank, more serious DNS hijacks have previously compromised the Brazilian banking system and the New York Times. Even the Mirai botnet that disrupted Amazon and Twitter used DNS as a vehicle.
It’s not easy to keep your Internet property safe at the best of times, and DNS hijacking is particularly hard to defend against. Anyone who runs a website should be aware of this threat and take preventative measures. These include selecting domain registrars with multi-factor authentication or ones that can lock DNS settings – otherwise hackers can take control of a site’s entire traffic at the drop of a hat.
Read more at https://www.wired.com/story/what-is-dns-hijacking/