A wave of DNS hijacking attacks targeting victims in North America, Europe, Middle East and North Africa have been linked to Iran. Attacks involved intercepting traffic from firms with the goal of harvesting victims usernames, passwords and domain credentials. The attacks have been observed in clusters between January 2017 to January 2019, the researchers said in a Wednesday analysis of the attacks. Researchers identified three varieties of attacks, each affecting dozens of domains. They assess with moderate confidence that activity is conducted by a group or groups in Iran and that the activity aligns with Iranian interests.
Source: https://threatpost.com/unprecedented-dns-hijacking-attacks-linked-to-iran/140737/