My domain name is hijacked even though I set up DNSSEC

0

Hi, I registered my domain on Route53. Several days ago, my domain name was hijacked to a malicious website. I have then set up the DNSSEC. However, it cannot solve the issue. By using the dnsviz, I can see three bogus items are shown using alidns.com as NS server. How can I defeat the hijacking? I am using Alicloud free https certificate for my website. It is urgent for my business. Please help!

asked 2 years ago370 views
1 Answer
0

Hi,

I understand that you registered your domain name on Route53 and you use Alicloud free https certificate for your website and you got hijacked even though you set up DNSSEC.

DNSSEC is designed to provide authentication and integrity verification for DNS responses, but it does not directly protect against domain hijacking. Domain hijacking typically occurs when an unauthorized individual gains control of your domain name and redirects its DNS records to their own servers. While DNSSEC can help prevent DNS spoofing and data manipulation, it does not guarantee protection against all types of domain hijacking. Here are some steps you can take to address the situation:

  1. Consider updating passwords for your domain registrar and hosting side and enabling two-factor Authentication [1] on your Route 53 account to prevent further unauthorized access. Additionally , you may want to consider purchasing a commercial SSL/TLS certificate instead of using the free Alicloud certificate, as the latter may not provide sufficient security measures to protect your website from attacks.
  2. Verify your DNS settings: Check your DNS settings with your domain registrar to ensure that they have not been altered by the hijackers. Verify that the DNS records are pointing to the correct servers. you have mentioned that dnsvis shows bogus items that are using alidns.com as NS server, it indicates that your DNS setting have been altered. To verify that the DNS records are pointing at the correct servers using Amazon Route 53 for your Domain servers, you can follow the following troubleshooting techniques. Link URL: https://youtu.be/qxECY6ANf3c

I hope the provided Information has been useful to you. If you have any other queries please do not hesitate to contact me back. I will be more than happy to help.

Have a great day ahead!

References:

[1]: Enabling two-factor Authentication - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa.html

AWS
SUPPORT ENGINEER
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions