US security researcher Zach Edwards recently tweeted about finding 250 company website names that had been taken over by cybercriminals.
He didn’t name the brands but insists that the organizations affected include banks, healthcare companies, restaurant chains, civil rights groups, and more:
The issue here is that the websites themselves haven’t been hacked, but their DNS entries have.
These attacks, known as DNS hijacks, happen when crooks don’t actually break into and take over a site itself, but instead simply change the “internet signposts” that point to it.
As you probably know, DNS, short for domain name system, is the distributed, global name-to-number database that automatically turns human-friendly server names such as naked security DOT Sophos DOT com into computer-friendly IP numbers that are needed to send and receive network packets on the internet.