AWS Route 53 BGP Hijack: What Kentik Saw
Kentik
MAY 2, 2018
Below is a diagram of how this attack worked: Once the attackers have the DNS requests coming to them, they can respond with the IP address of a server they control. According to the Cloudflare blog, the BGP hijack was taking place from 11:05 UTC to 12:55 UTC so we will focus on that time range. Let’s take a look at how this works.
Let's personalize your content