Common Information
Type Value
Value Domains - T1584.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may hijack domains and/or subdomains that can be used during targeting. Domain registration hijacking is the act of changing the registration of a domain name without the permission of the original registrant.(Citation: ICANNDomainNameHijacking) Adversaries may gain access to an email account for the person listed as the owner of the domain. The adversary can then claim that they forgot their password in order to make changes to the domain registration. Other possibilities include social engineering a domain registration help desk to gain access to an account or taking advantage of renewal process gaps.(Citation: Krebs DNS Hijack 2019) Subdomain hijacking can occur when organizations have DNS entries that point to non-existent or deprovisioned resources. In such cases, an adversary may take control of a subdomain to conduct operations with the benefit of the trust associated with that domain.(Citation: Microsoft Sub Takeover 2020) Adversaries who compromise a domain may also engage in domain shadowing by creating malicious subdomains under their control while keeping any existing DNS records. As service will not be disrupted, the malicious subdomains may go unnoticed for long periods of time.(Citation: Palo Alto Unit 42 Domain Shadowing 2022)
Details Published Attributes CTI Title
Details Website 2035-08-05 23 Inside Jahoo (Otlard.A ?) - A spam Botnet
Details Website 2025-11-07 1 Vault7 - Home
Details Website 2024-12-19 17 Silent Push uncovers a large Russian Ursnif/Gozi banking trojan operation targeting global AnyDesk users. — Silent Push Threat Intelligence
Details Website 2024-12-03 120 Malvertisment campaigns: Uncovering more IoCs from the recent Windows Defender fraud — Silent Push Threat Intelligence
Details Website 2024-12-03 48 Privacy tools (not) for you — Silent Push Threat Intelligence
Details Website 2024-11-30 4 Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon — Palisade
Details Website 2024-11-17 0 Don’t Hold Down The Ctrl Key Warning As New 2SP Cyber Attacks Emerge | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Details Website 2024-11-17 1 [CHORT] - Ransomware Victim: texanscan[.]org - RedPacket Security
Details Website 2024-11-17 1 Digital certificates
Details Website 2024-11-17 1 How I Found open-redirect vulnerability using virus total?
Details Website 2024-11-17 1 The Road to CRTP Cert — Part 2
Details Website 2024-11-17 0 Black Friday and Cyber Monday: A Hotspot for Cyber Crime | #cybercrime | #infosec | National Cyber Security Consulting
Details Website 2024-11-16 18 Look This !
Details Website 2024-11-16 18 Browser’s Secret Diary: Memory Dumps Unveiled
Details Website 2024-11-16 90 From Royal to BlackSuit: Understanding the Tactics and Impact of a Sophisticated Ransomware Strain | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-16 14 Building an Integrated Threat Intelligence Platform Using Python and Kibana
Details Website 2024-11-16 12 Why Traditional Phishing Trainings fail and How Firewalls Fill the Gap
Details Website 2024-11-16 1 Cybercrime police nabs two on charges of cheating-Telangana Today | #cybercrime | #infosec | National Cyber Security Consulting
Details Website 2024-11-16 0 Certified Cyber Defender (CCD) Study Notes PDF
Details Website 2024-11-16 0 Towards Zero Trust and Attribute-Based Encryption
Details Website 2024-11-16 6 Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations - CyberSRC
Details Website 2024-11-16 4 Kali Linux : Footprinting using Spiderfoot
Details Website 2024-11-16 40 ‘Tis the season to be wary’: Huge online retail scam uncovered in the lead-up to Christmas. — Silent Push Threat Intelligence
Details Website 2024-11-15 35 Strategies to Counter Phishing
Details Website 2024-11-15 18 Browser’s Secret Diary: Memory Dumps Unveiled