An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks. At least 40 different organizations across 13 various countries have been compromised so far by the campaign. The campaign, dubbed Sea Turtle by Cisco Talos researchers who discovered it, began as early as January 2017 and has continued through the first quarter of 2019. In addition to the MENA victims, secondary targets, including telecom firms, ISPs and DNS registrars are being targeted in the U.S. and Sweden.
Source: https://threatpost.com/dns-hijacking-campaign-40-firms-globally/143870/