70,000 Domains Hijacked in Global “Sitting Ducks” DNS Attack

by Justin Erickson

Security researchers have uncovered a large-scale domain hijacking campaign, dubbed “Sitting Ducks,” which has compromised over 70,000 web domains globally. Threat actors exploited vulnerabilities in domain registration, allowing them to do several malicious acts. These hijacked domains are being used for phishing, malware distribution, redirection of website traffic, and more. The campaign highlights weaknesses in DNS and domain management practices. This vulnerability – known as ‘lame delegation’ – has gone largely unnoticed. This attack underscores the critical need for improved DNS security and vigilance in protecting web domains.