Hackers exploit a blind spot by hiding malware inside DNS records

Hackers Are Finding New Ways to Hide Malware in DNS Records

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

Hackers exploit a blind spot by hiding malware inside DNS records

Hackers are stashing malware in a place that’s largely out of the reach of most defenses—inside domain name system (DNS) records that map domain names to their corresponding numerical IP addresses. The practice allows malicious scripts and early-stage malware to fetch binary files without having to download them from suspicious sites or attach them to emails, where they frequently get quarantined by antivirus software. That’s because traffic for…

Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data

Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. This sophisticated technique, known as DNS tunneling, transforms the internet’s essential “phonebook” into a covert communication channel for malicious activities. DNS tunneling involves encoding data within DNS queries and responses, […] The post Hackers Use…

Hackers misuse DNS for malware

By packaging malware into small pieces and hiding them in DNS TXT records, attackers can store files. This enables a new malware wave.

Why DNS Is the Most Dangerous Blind Spot in Enterprise Security

In an industry flooded with flashy threat vectors—ransomware, zero-days, supply chain attacks—one of the most foundational parts of internet infrastructure remains dangerously neglected: DNS. Despite powering every digital interaction, DNS configuration hygiene has long been treated like plumbing—out of sight, out of mind. But in a recent conversation with TFiR, Patrick Sullivan, CTO of Security Strategy at Akamai, made the case that DNS deserve…

Malware found embedded in DNS, the system that makes the internet usable, except when it doesn't

Fortunately, the example provided appears to be "prank software" rather than more sophisticated malware.