Cyber criminals are always coming up with new attack vectors to exploit online weaknesses. DNS Hijacking is a very significant threat in this regard, as most victims would not notice something is wrong right away. Over the past few years, there have been several DNS hijacking threats. Interestingly enough, Internet service providers are more than capable of hijacking users’ DNS as well, if they feel the need to do so.
#4 Ad-Fraud DNS Malware
In this day and age of digitization, it is not surprising to learn various types of malware can manipulate router DNS settings. Criminals can use this malware to intercept Google Analytics tags and replace online ads with their own codes. This brings a lot of revenue to criminals, whereas the vicctims will have no idea of the threat.
In May of 2015, security researchers discovered a new malware going by the name of Linux/Moose. As the name suggests, this piece of malicious code primarily targeted Linux-based routers. Most of the routers affected by this malware were located in Brazil, which was quite a surprise. However, the malicious code has also made its way to the US and Japan.
To get infected by Linux/Moose, targets are tricked into visiting websites containing a malicious browser script. Once someone visits such a page, the script will attempt to brute-force the home router in an attempt to access the administrative interface. Successfully doing so will allow the criminals to change the device’s DNS settings, and even intercept data passing through the router.
#2 DNSChanger Trojan
Trojan Horses have been a particular pain in the neck for Internet users over the past decade. Even though this is one of the oldest types of “viruses”, a Trojan Horse remains a favorite tool of infecting a lot of computers on a global scale. DNSChanger was one of the biggest threats back in 2007, causing users to be redirected to malicious websites. For example, accessing Google, Yahoo, Facebook, or YouTube was virtually impossible when infected with DNSChanger. Thankfully, it is easy to get rid of this Trojan Horse, but that doesn’t mean computers can no longer get infected by it.
#1 Internet Service Providers
Even though malware and other malicious software types present a systemic risk to DNS servers, the largest culprits are internet service providers. ISPs are capable of manipulating DNS settings for all of their customers with just a few clicks. Not all providers offer this option, although a fair few consumer ISPs use DNS hijacking for their own purposes. Displaying advertisements, collecting statistics, or even enforcing censorship are just some of the outcomes.
Unfortunately, an ISP-based DNS hijack will have some other uncomfortable side effects. Users will no longer be able to determine which search engine they want to use when mistyping a website address. Moreover, small office and home networks will suffer, as individual computers may suffer from being unable to access other devices on the network.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.