DNS hijacking or DNS redirection is the practice of rerouting your Internet browsing so that the traffic can be monitored, controlled, or redirected – for example to fake banking sites without you noticing it.
Typically, DNS hijacking can happen in two ways; your devices are infected with DNS changer malware, or vulnerabilities in your home router software allowing hijackers to take control of your home router.
Malware can have various functionalities. Most of the malware in circulation at the moment have some form of business logic that typically relies on a large number of infected devices. The effect is that, instead of the normal ads available on the web sites, you would see something else. This allows DNS changing malware criminals to generate large sums of money with the ‘altered’ ads and the links you are clicking on.
DNS hijacking is possible by taking your home router in control. This method utilizes the vulnerabilities in your home router software. Old firmware versions have bugs, vulnerabilities, or design flaws which allow hijackers to creep into your home and into your router box. The effect is similar whereby normal ads displayed on the web sites are masked with fake ones.