Cybercriminal “Sitting Ducks” Attack Hijacks 35,000 Domains: How to Protect Yours

Threat actors have hijacked over 35,000 domains via Sitting Ducks attacks, exploiting DNS configuration flaws and weak ownership verification. Researchers warn that millions of domains are vulnerable daily, with Russian cybercriminal groups leveraging these for spam, scams, and malware. Regularly reviewing DNS configurations can help prevent such hijacks.

3P
Published: August 1, 2024 5:11 pmAdded: August 1, 2024 at 10:46 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that owning a domain could feel like sitting on a duck waiting to be hijacked by cybercriminals? Apparently, even the web’s landlords need more than just a fancy address to keep the riff-raff out. Time to double-check those DNS settings before your domain ends up quacking for the wrong team!

Key Points:

  • More than 35,000 domains hijacked through Sitting Ducks attacks.
  • Attack vector exploits registrar and DNS provider configuration flaws.
  • Russian cybercriminal groups have been using this method for years.
  • Infoblox and Eclypsium researchers identified over a million vulnerable domains.
  • Registrars and DNS providers need to tighten security protocols to prevent these attacks.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?