all InfoSec news
Credential Theft and Domain Name Hijacking through Phishing Sites
Malware Analysis, News and Indicators - Latest topics malware.news
In early July 2023, JPCERT/CC confirmed a case of domain hijacking in which a domain used in Japan was unauthorizedly transferred to another registrar. This blog post describes the attack case.
Attack overview
Figure 1 shows the attack flow. The attacker first prepared a phishing site, which pretended to be a registrar on search site advertisements.
Figure 1: the attack flow
An attacker can steal account information and password (hereafter referred to as "credential") when a domain administrator accesses a …
attack attacker blog blog post case credential credential theft domain domain name flow hijacking japan july july 2023 malware analysis name phishing registrar theft