Common Information
Type Value
Value Domains - T1584.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may hijack domains and/or subdomains that can be used during targeting. Domain registration hijacking is the act of changing the registration of a domain name without the permission of the original registrant. (Citation: ICANNDomainNameHijacking) Adversaries may gain access to an email account for the person listed as the owner of the domain. The adversary can then claim that they forgot their password in order to make changes to the domain registration. Other possibilities include social engineering a domain registration help desk to gain access to an account or taking advantage of renewal process gaps. (Citation: Krebs DNS Hijack 2019)

Subdomain hijacking can occur when organizations have DNS entries that point to non-existent or deprovisioned resources. In such cases, an adversary may take control of a subdomain to conduct operations with the benefit of the trust associated with that domain. (Citation: Microsoft Sub Takeover 2020)

Adversaries who compromise a domain may also engage in domain shadowing by creating malicious subdomains under their control while keeping any existing DNS records. As service will not be disrupted, the malicious subdomains may go unnoticed for long periods of time. (Citation: Palo Alto Unit 42 Domain Shadowing 2022)
Details Published Attributes CTI Title
Details Website 2035-08-05 23 Inside Jahoo (Otlard.A ?) - A spam Botnet
Details Website 2025-12-17 17 Stories from the SOC: Caught in the Trap: Detecting and…
Details Website 2025-11-07 1 Vault7 - Home
Details Website 2025-09-05 0 New LevelBlue Threat Trends Report gives critical insights…
Details Website 2025-09-01 0 How ThreatConnect and Polarity Empower Teams to Combat Phishing Threats | ThreatConnect
Details Website 2025-08-06 0 Preparing Evidence for a Validated HITRUST Assessment
Details Website 2025-07-05 20 Online Services Again Abused to Exfiltrate Data - SANS Internet Storm Center
Details Website 2025-05-24 0 FTC finalizes order requiring GoDaddy to secure hosting services - PRSOL:CC
Details Website 2025-05-24 1 Microsoft Seizes Domains Linked to Ransomware in Cyber Dragnet - Bloomberg.com | #ransomware | #cybercrime - National Cyber Security Consulting
Details Website 2025-05-24 5 Cobalt Strike Beacon Detected - 123[.]207[.]66[.]232:8081 - RedPacket Security
Details Website 2025-05-24 6 Cobalt Strike Beacon Detected - 5[.]58[.]172[.]98:8080 - RedPacket Security
Details Website 2025-05-24 0 184 Million Users' Passwords Exposed From an Open Directory Controlled by Hackers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security Consulting
Details Website 2025-05-24 351 Mirai botnet indicators of compromise (update for 24.05.2025)
Details Website 2025-05-24 2 Top 10 Daily Cybercrime Brief by FCRF [24.05.2025]: Click here to Know More | #cybercrime | #infosec - National Cyber Security Consulting
Details Website 2025-05-24 12 The collapse of the Danabot empire: how a dangerous infostealer was neutralized
Details Website 2025-05-24 7 New Chihuahua Stealer malware attacks users through cloud services
Details Website 2025-05-24 0 Ransomware Kill Chain Whacked As FBI, Secret Service And Europol Attack | #ransomware | #cybercrime - National Cyber Security Consulting
Details Website 2025-05-24 0 $24M in crypto, 30 Bitcoins, and $700K seized as FBI takes down Russian hacker behind 700,000 computer ransomware army in Operation Endgame | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security Consulting
Details Website 2025-05-24 0 300+ Servers Taken Down In Global Cybercrime Crackdown | #cybercrime | #infosec - National Cyber Security Consulting
Details Website 2025-05-24 0 Operation Endgame claims 300 domains in mass takedown effort
Details Website 2025-05-23 1 Operation Endgame claims 300 domains in mass takedown effort | #cybercrime | #infosec - National Cyber Security Consulting
Details Website 2025-05-23 0 16 Charged in DanaBot Malware Case, $50M in Damages | #cybercrime | #infosec - National Cyber Security Consulting
Details Website 2025-05-23 0 Ransomware hackers charged, infrastructure dismantled in international law enforcement operation | #ransomware | #cybercrime - National Cyber Security Consulting
Details Website 2025-05-23 49 Katz Stealer Threat Analysis - Nextron Systems
Details Website 2025-05-23 0 [STORMOUS] - Ransomware Victim: French Gov 2025 - RedPacket Security