Hacking campaign targets organizations through DNS hijacking attacks

Recently, a new hacking campaign called "Sea Turtle" was launched, targeting public and private organizations. The distinguishing feature of this campaign is that the hackers use DNS hijacking attacks.

The data, so far, show attacks on some 40 organizations in 13 countries.

Attackers are well organized and use sophisticated methods that give them access to sensitive networks and systems.

A DNS hijacking attack redirects users to a malicious website by modifying DNS name records or server settings.

The campaign seems to target two categories of victims. The first category includes national security organizations, foreign ministries, and energy-related organizations. The second category includes DNS administrators, telecommunications companies, and internet service providers.

The attackers' first targets are the third-party companies that provide services to the key targets.

The research has shown that this is one of the most serious and sophisticated campaigns of this kind.

DNS Hijacking Attack

Attackers acquire the credentials of the network administrator of the organization and modify the DNS records.

Alternatively, they gain access through a DNS administrator, which sells domain names and manages DNS records. The DNS registry is accessed through the registry application using the Extensible Provisioning Protocol (EPP).

The hackers obtain one of the EPP keys and use it to modify the DNS records handled by the administrator.

The hackers try to steal credentials to get into networks and systems in the following way: first they try to check the target's DNS records, then they modify the DNS records to redirect users to servers under the hackers' control, and finally they steal credentials when users interact with those servers.

Through these procedures, the hackers managed to gain access to the organizations' systems and carry out their attacks.
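
A defender-side check for the record changes described above, as an added example that is not part of the original article: it compares observed DNS answers against a baseline of expected NS and A records and reports every mismatch. The baseline, the log format, the domain names and the addresses are all constructed for illustration.

```python
from typing import NamedTuple

# Constructed baseline of the records the organization expects to see.
# Names and addresses are documentation values (RFC 2606 / RFC 5737).
BASELINE = {
    ("example.org", "NS"): {"ns1.example.org", "ns2.example.org"},
    ("mail.example.org", "A"): {"192.0.2.10"},
    ("vpn.example.org", "A"): {"192.0.2.20"},
}

# Constructed resolver observations, one per line: timestamp name type value
OBSERVATIONS = """\
2019-04-01T08:00:00Z example.org NS ns1.example.org
2019-04-01T08:00:00Z mail.example.org A 192.0.2.10
2019-04-02T02:14:00Z example.org NS ns1.example.net
2019-04-02T02:20:00Z mail.example.org A 198.51.100.7
2019-04-02T09:00:00Z mail.example.org A 192.0.2.10
2019-04-02T09:05:00Z VPN.example.org. A 192.0.2.20
"""

class Alert(NamedTuple):
    timestamp: str
    name: str
    rtype: str
    observed: str
    expected: frozenset

def normalize(name: str) -> str:
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()

def find_deviations(baseline, log_text):
    """Return an Alert for every observed answer that is not in the baseline."""
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # malformed line, nothing to compare
        ts, name, rtype, value = fields
        key = (normalize(name), rtype.upper())
        expected = baseline.get(key)
        if expected is None:
            continue  # this name/type pair is not monitored
        # NS targets are host names and need normalizing; addresses do not.
        observed = normalize(value) if key[1] == "NS" else value
        if observed not in expected:
            alerts.append(Alert(ts, key[0], key[1], observed, frozenset(expected)))
    return alerts

if __name__ == "__main__":
    for alert in find_deviations(BASELINE, OBSERVATIONS):
        print(f"{alert.timestamp} {alert.name} {alert.rtype} -> {alert.observed}")
```

An unexpected NS value deserves the most urgent follow-up, because a changed delegation affects every name under the domain rather than a single host.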

The author allows you to copy this text only if you cite the source (SecNews.gr) with the web address (live URL) of the article.