January 13, 2025 – Expired domains allowed hackers to hijack 4,000 global backdoors, targeting government, academic, and private systems. A cybersecurity wake-up call.
A startling revelation by cybersecurity firm watchTowr Labs has exposed a chilling new tactic in cybercrime: exploiting expired domains to hijack over 4,000 global backdoors embedded in compromised systems.
For as little as $20 per domain, hackers gained control over backdoors across government, academic, and private networks worldwide. This malicious operation capitalized on web shells, including China Chopper, c99shell, and r57shell, which provided attackers with access to execute commands, deploy payloads, and harvest sensitive data.
These backdoors, left connected to abandoned domains, became easy targets for control redirection. Benjamin Harris, CEO of watchTowr Labs said:
This demonstrates how overlooked digital assets can escalate into major vulnerabilities. We were able to observe thousands of compromised hosts ‘reporting in’ to the hijacked domains.
The attack surfaced governments in Bangladesh, China, and Nigeria, along with academic institutions in South Korea, Thailand, and others, as victims. Even mail servers from prominent organizations, including U.S. government entities, were implicated.
In response, watchTowr partnered with the Shadowserver Foundation to sinkhole the malicious domains, preventing further exploitation. Yet, experts warn this incident is a wake-up call for securing abandoned infrastructure.
It’s somewhat reassuring to know attackers can make mistakes too. But this shows how systemic neglect in domain management can create catastrophic risks.
This alarming exploit raises the urgency for domain monitoring and zero-trust architectures to mitigate such threats, especially as cybercriminals continue to innovate.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
