. home.aspx



State-Sponsored Hackers Use Sophisticated DNS Hijacking in Ongoing Attacks

April 18, 2019 / Kevin Townsend

With growing concern over DNS manipulation attacks, details on a new elite state-sponsored DNS hijacking campaign have been released. Called operation Sea Turtle, researchers believe that at least 40 different organizations across 13 countries have been compromised. Researchers at Cisco Talos discovered the ongoing campaign targeting both public and private entities, and including national security agencies, located primarily in the Middle East and North Africa. While confident that the attackers are state-sponsored, the researchers do not attribute the campaign to any specific state. They do, however, believe that this campaign is separate from -- and more severe than -- the DNSpionage operations it described in November 2018. Talos is not alone in detecting and monitoring DNS attacks. FireEye reported on "a wave of DNS hijacking that has affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Af...