Recently, it has been discovered that many famous sites such as adobe.com, internet.com, nike.com, etc., have all been attacked. However, the technique used by the attackers is not the usual method of intruding into web servers and modifying homepages. Instead, the attackers are using a domain hijacking attack technique. By impersonating the original domain owner via email, the attackers modify the registered domain records at Network Solutions, transferring the domain to another entity. They then add the domain record to the DNS server specified in the modified registration information, redirecting the original domain to a server with another IP address. Typically, these two servers have been pre-compromised and controlled by the attackers, but they are not owned by the attackers.
So, how exactly do the attackers carry out this domain hijacking attack?