DNS hijacking

DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries.^[1] This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards.

These modifications may be made for malicious purposes such as phishing, for self-serving purposes by Internet service providers (ISPs), by the Great Firewall of China and public/router-based online DNS server providers to direct users' web traffic to the ISP's own web servers where advertisements can be served, statistics collected, or other purposes of the ISP; and by DNS service providers to block access to selected domains as a form of censorship.

^ "What is a DNS Hijacking | Redirection Attacks Explained | Imperva". Learning Center. Retrieved 13 December 2020.

[1] "What is a DNS Hijacking | Redirection Attacks Explained | Imperva". Learning Center. Retrieved 13 December 2020.

[1]

DNS hijacking

From Wikipedia, the free encyclopedia · View on Wikipedia