An organization’s domain name may be its most important asset, and losing control over it affects more than its website. For a large Brazilian bank, a domain hijacking operation last fall resulted in attackers stealing payment card data, taking over customer accounts, and infecting customers with malware.
While the actual bank heist began on Oct. 22, 2016, at around 1 p.m., the preparations for the attack were underway at least five months in advance, said Kaspersky Lab researchers Fabio Assolini and Dmitry Bestuzhev at last week’s Security Analyst Summit. The sophisticated cybercrime group gained access to the bank’s domain registrar and modified the Domain Name System (DNS) records for the bank’s all 36 online properties.
To read this article in full or to leave a comment, please click here