Attacks & Threats
DNS Hijacking
Definition
An attack that redirects DNS resolution to attacker-controlled answers by modifying client settings, router configurations, resolver responses, or authoritative DNS records.
Examples
- Attackers compromise a registrar account and change a victim's NS records to their own DNS, then issue a TLS certificate to impersonate the site.
- Router malware silently sets all home devices to use a rogue resolver that redirects banking domains to phishing servers.
Related terms
Domain Hijacking
The unauthorized takeover of control over a registered domain name at the registrar or registry level, allowing an attacker to redirect traffic, email, and trust to malicious infrastructure.
DNS Spoofing
An attack that injects falsified DNS responses to redirect victims from a legitimate domain to an attacker-controlled IP address.
DNS Cache Poisoning
An attack that inserts forged records into a DNS resolver's cache so subsequent queries return attacker-chosen addresses until the TTL expires.
Pharming
An attack that silently redirects users from a legitimate site to a malicious one by tampering with DNS, hosts files, or local routing — without requiring the victim to click a link.
Phishing
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
DNSSEC
A set of DNS extensions that cryptographically sign zone data so resolvers can verify the authenticity and integrity of DNS responses.