all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Credential Theft and Domain Name Hijacking through Phishing Sites

Add to bookmarks
Nov. 7, 2023, 7:06 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

In early July 2023, JPCERT/CC confirmed a case of domain hijacking in which a domain used in Japan was unauthorizedly transferred to another registrar. This blog post describes the attack case.


Attack overview


Figure 1 shows the attack flow. The attacker first prepared a phishing site, which pretended to be a registrar on search site advertisements.



Figure 1: the attack flow


An attacker can steal account information and password (hereafter referred to as "credential") when a domain administrator accesses a …

attack attacker blog blog post case credential credential theft domain domain name flow hijacking japan july july 2023 malware analysis name phishing registrar theft

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Change Healthcare hasn't given VA details on hack-impacted veterans, top lawmaker says 5 hours ago | malware.news
change change healthcare hack healthcare +4
Two years in, Google says passkeys now protect more than 400 million accounts 5 hours ago | malware.news
account accounts article google +7
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome 6 hours ago | malware.news
blog browsers bug chrome +19
How to Talk to The Board About Exposure 6 hours ago | malware.news
topic
Pro-Russia hackers target OT weaknesses in critical infrastructure 6 hours ago | malware.news
american article breaches critical +21
Watch out for tech support scams lurking in sponsored search results 6 hours ago | malware.news
blog blog post campaign home +12
Threat Intelligence Snapshot: Week 18, 2024 6 hours ago | malware.news
access amp april find +13
CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks 7 hours ago | malware.news
account account takeover agency article +30
Increased stealth introduced in updated Zloader malware 7 hours ago | malware.news
analysis anti-analysis article banking +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Engineer, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

BaaN IV Techno-functional consultant-On-Balfour

@ Marlabs | Piscataway, US
View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India
View on infosec-jobs.com

Security Operations Centre Operator

@ NEXTDC | West Footscray, Australia
View on infosec-jobs.com

Senior Network and Security Research Officer

@ University of Toronto | Toronto, ON, CA
View on infosec-jobs.com
View more jobs