// THREAT DETECTION AND DATA PRIVACY TERM
Domain Hijacking
Domain hijacking is when an attacker illegally takes control of a website's domain name by changing its registration information without permission. This allows them to redirect traffic to a malicious site, intercept emails, or disrupt services.

TECHNICAL DEFINITION
Domain hijacking is a cyberattack where an adversary gains unauthorized control over a domain name by manipulating its registration records at a domain registrar, often via social engineering, credential theft, or exploiting registrar vulnerabilities. The attack compromises DNS settings (A, MX, NS records), enabling traffic redirection for phishing, malware distribution, and brand impersonation.
BACKGROUND
The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and information technology infrastructure protection. It oversees all levels of the federal government and coordinates with U.S. states to improve cybersecurity against private and nation-state hackers. The CISA is headquartered in Arlington, Virginia.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- domain theft
- domain name hijacking
- domain slamming
- brandjacking
- DNS hijacking
- domain takeover
USAGE NOTE
This term is used to describe the complete loss of control over a domain, which is a more severe attack than simple DNS spoofing or cache poisoning.
DEVELOPERS
Organizations developing technology related to Domain Hijacking.
Provides enterprise-class domain name management and security services, including registry locks, DNSSEC, and multi-factor authentication to prevent unauthorized domain transfers and DNS modifications.
A brand protection company, part of Clarivate, that offers secure domain management services for corporations. Their technology focuses on preventing domain hijacking through strict access controls, activity monitoring, and proactive security policies.
Offers a security-focused domain registrar service that includes free DNSSEC, registry lock, and multi-user permissions to protect high-value domains from hijacking attempts and unauthorized changes.
As the registry operator for .com and .net domains, Verisign provides the Verisign Registry Lock Service. This is a high-level security measure that prevents any changes to a domain at the registry level, offering robust protection against hijacking.
Provides secure and resilient DNS services like Edge DNS. This technology is designed to withstand DNS hijacking and other DNS-layer attacks, ensuring that user requests are correctly routed to the intended servers.
The enterprise division of GoDaddy, providing advanced security solutions for corporate domain portfolios. They offer technologies like registry locks and enhanced authentication to secure critical domains against hijacking.
Offers DNS Security services and Cortex Xpanse for attack surface management. These tools help identify and protect against DNS-based threats, including various forms of domain and DNS hijacking, by analyzing DNS traffic and discovering vulnerable assets.