Date First Published: 24th April 2022
Topic: Computer Networking
Subtopic: Internet Protocols
Article Type: Computer Terms & Definitions
Difficulty: AdvancedDifficulty Level: 9/10
Learn more about what DNS hijacking is in this article.
DNS hijacking, also known as DNS poisoning or DNS redirection is the hijacking of a DNS request. It occurs when a DNS request that is made to a server is hijacked and forcibly redirects online traffic to malicious websites. It is a common way for scammers to redirect users to malware or fake websites. DNS hijacking can be caused by malware that manipulates a user's computer, makes modifications to the hosts file, or a compromised DNS server.
DNS is known as the phonebook of the internet. It maps domain names to IP addresses so that users can visit websites without having to remember a string of four unique numbers, such as 123.123.123.123. DNS hijacking causes DNS requests to be incorrectly resolved. As suggested in the word 'hijacking', the user is redirected to a different website or IP address. The malware that manipulates a user’s computer may alter the IP address that domain names are pointed to, usually by making modifications to the hosts file.
The websites that a user is redirected to may be phishing websites, which impersonate trusted companies in order to steal sensitive information. In addition, they could also be filled with advertisements in order to generate advertising revenue.
A user types a domain name into their web browser to visit an online shopping website. However, they have malware installed on their computer that hijacks their DNS requests and causes them to be incorrectly resolved. The DNS request forcibly resolves to a typosquatting domain name that looks very similar to the domain name of the online shopping website. It impersonates the real website and includes a login page, which is designed to 'phish' for the user’s login details.
ISP hijacking is a non-malicious form of DNS hijacking that is performed by an internet service provider and it occurs when a user types a link to a page that does not exist and they are redirected to another page to generate advertising revenue. The user may get redirected to their search pages when typing a bad URL. ISPs claim that this is helpful for improving the experience of users. A lot of ISPs allow users to opt out of their DNS redirection. If visiting a non-existent site, such as rjfsfkjsd483h.com redirects you to a search page containing links, you are being redirected by DNS.
If so, it is important that you tell me as soon as possible on this page.
Network Services Network Setups Network Standards Network Hardware Network Identifiers Network Software Internet Protocols Internet Organisations Data Transmission Technologies Web Development Web Design Web Advertising Web Applications Web Organisations Web Technologies Web Services SEO Threats To Systems, Data & Information Security Mechanisms & Technologies Computer Hardware Computer Software Ethics & Sustainability Legislation & User Data Protection