| ID | X0005 |
| Aliases | None |
| Platforms | Windows |
| Year | 2011 |
| Associated ATT&CK Software | None |
Used to change DNS settings to generate fraudulent advertising revenue.
| Name | Use |
|---|---|
| Impact::Generate Traffic from Victim::Advertisement Replacement Fraud (E1643) | Alters DNS server settings to route to a rogue DNS server for the purpose of click hijacking. [1] |
| Defense Evasion::Disable or Evade Security Tools (F0004) | Prevents the infected system from installing anti-virus software updates. [1] |
SHA256 Hashes
- c2ef46a1b6292f28c0caf08013577e8559c4b0a71bf6fc058968061a3d71ede2
[1] https://www.huffingtonpost.com/2011/11/09/click-hijack-hackers-online-ad-scam_n_1084497.html [2] https://www.joesandbox.com/analysis/258032/0/html