How DNS Hijacking Threatens You Online

How DNS Hijacking Threatens You Online

Normally, when users enter a domain name into the browser, the Domain Name Server (DNS) maps it into its corresponding IP address. A DNS attack occurs when the malware overrides the TCP/IP settings of the system, to redirect queries made to the DNS. The individual behind the attack directs traffic to a website of choice. DNS hijacking occurs in two ways. One method infects computers with malware, rendering it incapable of translating the domain address entered by the user to its matching IP-address. The other method involves hacking specific websites and changing their DNS addresses.


Causes for DNS Hijacking

Most ISPs resort to DNS hijacking, apparently to improve the user experience. When users type the address of a non-existent or expired website, the browser, instead of displaying an error message, redirects to another website set by the ISP. The ISP invariably controls such redirected-to websites, and seeks to increase traffic to such websites. 

Several cyber attackers redirect traffic to a fake website of their choice to gain more traffic, and consequently more ad revenue. A case in point is a user trying to connect to a specific webiste but another website, full of pop-ups and ads loads. These types of attacks are very annoying and put the user at risk of malware infection.

The most dangerous type of DNS hijacking is redirection for Phishing. Here, the cybercriminals redirect the user to a malicious version of the website, with the fake website mimicking the original one. Most cybercriminals target websites of banks and websites containing sensitive personal data for such hijacks. 

Even governments resort to DNS hijacking, as a means to block access to certain websites. In such instances, the government may order ISP providers in its jurisdiction to redirect users trying to access such blocked websites to other websites.


How to Immunise Yourself from DNS-Hijacking

Using a VPN server is the most effective way to thwart DNS hijacking. A VPN server encrypts all internet traffic, sending it to an impregnable virtual tunnel.

Date: 27 April 2018, 13:04 pm
Das könnte Sie ebenfalls interessieren: