Security Operations, Network Security, IoT

Global DNS hijacking campaign exploits old home routers

DNS security

As reported by HackRead, a global DNS hijacking campaign has been identified in research by Infoblox, targeting outdated home routers and redirecting user traffic through servers associated with Aeza International, a US-sanctioned Russian bulletproof hosting provider. This sophisticated operation impacts users across more than three dozen countries.

The campaign exploits older home routers that no longer receive security updates. Attackers gain access and alter the router's DNS configuration, effectively controlling where users are directed online. This affects all devices connected to the compromised network, often without the user's awareness. The manipulated DNS traffic is routed through resolvers hosted by Aeza International, a provider sanctioned by the U.S. government in July 2025. From there, traffic is forwarded to a traffic distribution system, which verifies if the user originated from a compromised router before further redirection, often leading to malicious or deceptive websites through advertising and affiliate networks.

Source: HackRead

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds