DNS hijacking or DNS redirection is the practice of rerouting your Internet browsing so that the traffic can be monitored, controlled, or redirected – for example to fake banking sites without you noticing it.
Typically, DNS hijacking can happen in two ways; your devices are infected with DNS changer malware, or vulnerabilities in your home router software allowing hijackers to take control of your home router.
DNS changer malware
Malware can have various functionalities. Most of the malware in circulation at the moment have some form of business logic that typically relies on a large number of infected devices. The effect is that, instead of the normal ads available on the web sites, you would see something else. This allows DNS changing malware criminals to generate large sums of money with the ‘altered’ ads and the links you are clicking on.
Vulnerabilities in your home router software
DNS hijacking is possible by taking your home router in control. This method utilizes the vulnerabilities in your home router software. Old firmware versions have bugs, vulnerabilities, or design flaws which allow hijackers to creep into your home and into your router box. The effect is similar whereby normal ads displayed on the web sites are masked with fake ones.
Impact of DNS hijacking
- Altered advertising – less dangerous but more annoying as you may see porn ads on normal pages you visit with the family PC.
- Advertising space is used to show notifications or warnings that may trick you into doing things that you are not supposed to.
- Total redirection to a fake website where your Internet usage is spied on to collect personal information, usernames and passwords, or even banking credentials.
