DNS hijacking (sometimes additionally referred as DNS redirection) could be a type of malicious attack that overrides a computer’s TCP/IP settings to redirect it at a fake DNS server, thereby changing the default DNS settings. In different words we will say, once AN attacker take over a victim’s pc to change its DNS settings, in order that it points to a fake and new DNS server, the method is referred as DNS hijacking.


As we tend to all recognize, the “Domain Name System (DNS)” is especially liable for translating a user friendly domain name like “google.com” to its corresponding ip (internet protocol) address “”. Having a good knowledge about DNS and its operating will assist you to understand all regarding DNS hijacking.


How DNS Hijacking Works?


As mentioned before, DNS is that the one that's largely to blame for mapping the (UFD)user friendly domain names to their corresponding ip addresses. This DNS server is usually owned  and maintained by your ISP(Internet Service Provider) or any different personal business organizations. By default, your pc is designed to use the DNS server from the ISP. In some cases, your pc may be even using the DNS services of different  organizations like Google or Bing . during this case, you're perpetually said to be safe and everything looks great.


But,let’s imagine a scenario in which a hacker or a malware program gains AN unauthorized access to your pc and he alters the DNS settings, in order that your pc is currently using one among the rogue DNS servers that's owned and maintained by the hacker. once this happens, the rogue DNS server could translate domain names of fascinating websites (such as banks, search engines, social networking sites etc.) to ip addresses of malicious websites. As a result, once you type the URL of a web site within the address bar, you might be taken to a fraud web site rather than the one you're intending for. Sometimes, this may additionally place you in deep trouble !
























What are the risks of DNS Hijacking?


The dangers of DNS hijacking will vary and depend upon the intention behind the attack. several ISPs like “OpenDNS” and “Comcast” use DNS hijacking for introducing advertisements or grouping statistics. despite the fact that this may cause no serious injury to the users, it's thought of as a violation of RFCstandards for DNS responses.


Other dangers of DNS hijacking embrace the subsequent attacks:


Phishing: Phishing a fraud act, typically created through email, to steal your personal data. The simplest and best way to defend yourself from phishing is to find out the way to acknowledge a phishing page.

Phishing emails generally appear to come back from some well-known organization and that they ask for your personal data — like CC Numbers , DC numbers, Social Security number, account no. or password. several times phishing tries seem you do from sites, services and firms in which you  not even have AN account.


Pharming: This is another type of attack where the web site’s traffic is redirected to a different website that's typically a rogue one. Let’s take an example, once a user tries to go to a social networking web site like Facebook.com he could also be redirected to a different web site that's full of pop-ups and advertisements. usually this can be often done by hackers so as to gain advertising revenue.



How to stop DNS Hijacking?


In most of the cases, attackers create the  use of trojan like a malicious program to hold out the DNS hijacking. These DNS hijacking trojans are commonly outsourced as video and audio codecs, video downloaders, YouTube downloaders or similar free utilities. So, as to remain protected, it's extremely suggested to remain faraway from untrusted websites that provide free downloads. The DNSChanger trojan could be a example of 1 such malware that as rumored had hijacked the DNS settings of over four million computers to drive a profit of concerning fourteen million USD through deceitful advertising revenue.


Also, it's necessary to alter the default password of your router, in order that it'd not be doable for the attacker to change your router settings using the default password that came with the manufactory setting.

Also putting in a decent antivirus and keeping it up-to-date will defend your PC against any such attacks.