https://bit.ly/3SSDF86 - 🔍 Guardio Labs unveils "SubdoMailing" — a widespread subdomain hijacking campaign compromising over 8,000 domains, including MSN, VMware, and eBay. Millions of malicious emails circulate daily, exploiting trust and stolen resources. #SubdoMailing #CyberSecurity 📉 Guardio's email protection systems detect unusual patterns, leading to the discovery of thousands of hijacked subdomains. The operation involves complex DNS manipulations, facilitating the dispatch of spam and phishing emails under reputable brands. #EmailSecurity #DNSManipulation 📧 Examining a deceptive email reveals clever tactics, including image-based content to bypass spam filters. SPF, DKIM, and DMARC authentication are manipulated, allowing scam emails to reach users' inboxes. #EmailScam #CyberAttack 💻 Analysis uncovers the resurrection of abandoned domains, enabling subdomain hijacking for malicious activities. Actors manipulate SPF records, creating a web of authorized senders to evade detection. #DomainSecurity #SPFManipulation 🛡 Guardio identifies a coordinated campaign by threat actor "ResurrecAds," exploiting compromised domains for mass email dissemination. The operation spans diverse tactics, including SPF authentication injection and SMTP server hosting. #ThreatActor #CyberCrime 🔎 Tracking indicators of compromise reveals the extensive infrastructure behind "SubdoMailing," spanning hosts, SMTP servers, and IP addresses. The operation's scale and sophistication underscore the need for collaborative defense efforts. #CyberDefense #ThreatAnalysis 🔒 Guardio launches a "SubdoMailing" checker tool to empower domain owners in reclaiming control over compromised assets. The tool provides insights into abuse detection and prevention strategies. #CyberAwareness #SecurityTool 📢 Join Guardio in raising awareness about the "SubdoMailing" threat and utilizing the checker tool to fortify domain security. Together, we can mitigate the impact of malicious email campaigns and safeguard digital landscapes.

How spammers exploit hijacked corporate domains

Source: https://www.kaspersky.com/blog/domain-hijacking-subdomailing/51097/

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

Source: https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html

More info: https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935