Dev.to
5/12/2026
Someone could be using your domain right now and you would not know

Short summary

8,000+ domains were hijacked via abandoned DNS records in the SubdoMailing campaign, which sent 5 million fraudulent emails daily without being detected. The same technique compromised the CDC, CoW Swap, and a Russian military operation, often going unnoticed for weeks or months. DNS/WHOIS monitoring (tracking record changes, registration data, and dangling CNAME entries) is the practical defense, but most organizations don't monitor because registrars don't.

  • SubdoMailing hijacked 8,000+ domains through dangling DNS records pointing to abandoned cloud resources
  • CDC, major brands, crypto exchanges, and government systems exploited via same technique; detection delayed weeks or months
  • Solution: monitor DNS (A, AAAA, MX, NS, TXT, CNAME, SOA, CAA records), WHOIS data, and scan for dangling entries
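
The monitoring described above, as an added example that is not from the original article: it diffs two snapshots of a zone across the listed record types and flags CNAMEs whose targets no longer resolve. The zone data, the `cloudhost.example` names and the function names are constructed for illustration.

```python
import socket

# Record types the summary lists for monitoring.
MONITORED = ("A", "AAAA", "MX", "NS", "TXT", "CNAME", "SOA", "CAA")

def diff_snapshots(old, new):
    """Return (name, rtype, removed, added) for each monitored record set that changed."""
    changes = []
    for name, rtype in sorted(set(old) | set(new)):
        if rtype not in MONITORED:
            continue
        before = set(old.get((name, rtype), ()))
        after = set(new.get((name, rtype), ()))
        if before != after:
            changes.append((name, rtype, sorted(before - after), sorted(after - before)))
    return changes

def live_resolves(target):
    """True if the CNAME target currently resolves to any address (needs network)."""
    try:
        socket.getaddrinfo(target.rstrip("."), None)
        return True
    except socket.gaierror:
        return False

def find_dangling_cnames(snapshot, resolves=live_resolves):
    """Return (name, target) for each CNAME whose target no longer resolves."""
    return [(name, target)
            for (name, rtype), targets in sorted(snapshot.items())
            if rtype == "CNAME"
            for target in targets
            if not resolves(target)]

# Constructed sample data: two snapshots of a hypothetical zone, one day apart.
YESTERDAY = {
    ("example.com", "TXT"): ["v=spf1 include:_spf.example.com -all"],
    ("promo.example.com", "CNAME"): ["promo-2019.cloudhost.example."],
    ("www.example.com", "CNAME"): ["web.cloudhost.example."],
}
TODAY = {
    ("example.com", "TXT"): ["v=spf1 include:_spf.example.com include:bulk.example.net -all"],
    ("promo.example.com", "CNAME"): ["promo-2019.cloudhost.example."],
    ("www.example.com", "CNAME"): ["web.cloudhost.example."],
}
# Constructed stand-in for DNS: only this target still exists at the provider.
STILL_LIVE = {"web.cloudhost.example."}
if __name__ == "__main__":
    print(diff_snapshots(YESTERDAY, TODAY))
    print(find_dangling_cnames(TODAY, resolves=lambda t: t in STILL_LIVE))
```

A CNAME target that still resolves can also be unclaimed at the provider, so a non-resolving target is one signal of a dangling entry, not the only one.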

Generated with AI, which can make mistakes.
