DNS Hijacking – Symptoms, Causes, and Solutions

Does it ever happen to you that you are trying to visit a certain website but you are being redirected to another one instead? Rather than visiting abcd.com, you are redirected to abed.com, or some random websites full of pop-ups and ads? Then, sorry to say, but you have become a victim of DNS Hijacking or DNS Redirection.

To understand DNS Hijacking, you must first know about DNS (Domain Name System). It basically is a system which maps an “easy to remember domain name like google.com” to a “complex IP address like 74.125.236.37”. Each website has a unique IP address which is mapped to its corresponding URL (web address) by the DNS server. This DNS server is maintained by the ISPs (Internet Service Providers) and some private organisations like Google.

Suppose a malware somehow gets into your PC and alters your default DNS settings. Now, instead of going through the DNS server of your ISP, your every internet request is going through another one which is maintained by the hackers. They can use it for carrying out their malicious activities – That too with your credentials!

To understand how it works, suppose you are playing a game of catch with your friends.

But, you can’t throw the ball rolex daytona mens rolex calibre 7750 mingzhu engine 116506ibldo hands directly to your friends.

You have to throw the ball to a player X who in turn will throw it to your friends.

But during some time in between of game, another player Y replaces X in absence of your knowledge.

Now Y is a mischievous boy who will not throw the ball to your desired friend rather to the one which he wants to.

Here you are as your PC while your friends are the sites which you want to access.

The player X act as the DNS maintained by your ISP and the player Y acts as the fake DNS server who is redirecting you to other malicious websites.

Since you are using the DNS servers controlled by the hackers, they can map your URL into any IP address as per their wish. This means your DNS protection is compromised. They use it to redirect you to a fake website full of pop ups and ads or to gain personal information about you.

For example, suppose you want to access a social networking site or a banking site but instead you are sent to a very similar but fake website. You enter your personal details on this site and voila! The hacker is now having your personal information view it now at his disposal which he can use as per his desire. A Trojan named DNS Changer infected more than 4 million computers worldwide between 2007 to 2012 and generated revenue of close to 14 million dollars through fake advertisement sites.

To be safe from DNS Hijacking and ensure DNS protection, you must prevent malicious programs to be installed on your system. These malicious programs make way into your computer in the form of attachments when you download files from some untrusted website.

So the best way to protect yourself from DNS Hijacking is by ensuring that your computer is free of those malicious programs. For this, you must purchase a good –DNS protection program for safeguarding your systems from malware such as DNS changers. Always keep the firewall turned on; it will prevent your PC from opening malicious websites and downloading of malware.

In case you are already infected, delete and reset the Hosts file (a text file which maps host names to IP addresses) and use antivirus to get rid of the malware. Then change the DNS server of your PC manually. But the damage might already be done. So the best thing is to follow above mentioned guidelines and protect yourself from DNS Hijacking as it is always better to be safe than sorry.

43

No Responses

Write a response