You are working as a security consultant for a small company. The owner of the company states they were recently targeted by hackers who gained access to their email account. Since then the attackers have taken control of the companies website and have stated they will only return control to the company after receiving a payment. The hosting provider has stated the web servers are not infected and no unusual logins have occurred. Despite this users are reporting they cannot access the companies website. Based on this information, what type of attack has occurred to the website?
Correct Incorrect Unanswered Report Issue Answer Description
Based on the information you have the most likely attack (against the website) is a DNS hijacking. The attackers gained control of the company's domain name and are holding it for ransom.
Wikipedia
Domain hijacking or domain theft is the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems.This can be devastating to the original domain name holder, not only financially as they may have derived commercial income from a website hosted at the domain or conducted business through that domain's e-mail accounts, but also in terms of readership and/or audience for non-profit or artistic web addresses. After a successful hijacking, the hijacker can use the domain name to facilitate other illegal activity such as phishing, where a website is replaced by an identical website that records private information such as log-in passwords, spam, or may distribute malware from the perceived "trusted" domain.
Domain_hijacking - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time