TLDR:
- Threat actors have been exploiting the Sitting Ducks attack since 2019 to conduct various malicious activities.
- The vulnerability in the DNS infrastructure affects around one million domains, leading to over 30,000 cases of confirmed hijacking.
Threat actors have been exploiting the attack vector known as Sitting Ducks since at least 2019 to conduct malware delivery, phishing, brand impersonation, and data exfiltration by exploiting flaws in DNS. This widespread flaw, affecting multiple DNS providers, enables domain hijacking without detection. Besides this, the researchers from Infoblox and Eclypsium have unveiled this critical vulnerability in the DNS infrastructure. As a result, researchers discovered that it affects around one million domains, leading to over 30,000 cases of confirmed hijacking due to poor domain verification by DNS providers.
Key Points:
- Threat actors exploit Sitting Ducks attack for malicious activities.
- Over 30,000 cases of confirmed hijacking due to DNS vulnerabilities.
Threat actors have been exploiting the Sitting Ducks attack since 2019 to conduct various malicious activities that exploit flaws in DNS infrastructure. The vulnerability affects a large number of domains and has led to confirmed cases of hijacking. The researchers are working with law enforcement agencies and national CERTs to address this critical security problem.