CAPEC-585: DNS Domain Seizure (Version 2.10)

 
Attack Pattern ID: 585
Abstraction: Detailed
Status: Draft
Completeness: Stub
+ Summary

In this attack pattern, an adversary influences a target's web-hosting company to disable a target domain. The goal is to prevent access to the targeted service provided by that domain. It usually occurs as the result of civil or criminal legal interventions.

+ Attack Prerequisites
  • This attack pattern requires that the adversary has cooperation from the registrar of the target domain.

+ Examples-Instances

Description

Examples include the FBI's seizure of gambling websites, the US DOJ's seizure of child pornography websites, and Microsoft's seizure of all domains owned by the company No-IP in order to disrupt a cyberattack originating from a subset of those domains.

+ Attack Motivation-Consequences
Scope: Availability
Technical Impact: Other
Note: Disabling a target domain at the infrastructure level denies the availability of its service to the user.
+ References
[R.14.2] [REF-3] "Dozens of Online 'Dark Markets' Seized Pursuant to Forfeiture Complaint Filed in Manhattan Federal Court in Conjunction with the Arrest of the Operator of Silk Road 2.0". FBI. 2014. <https://www.fbi.gov/contact-us/field-offices/newyork/news/press-releases/dozens-of-online-dark-markets-seized-pursuant-to-forfeiture-complaint-filed-in-manhattan-federal-court-in-conjunction-with-the-arrest-of-the-operator-of-silk-road-2.0>.
+ Content History
Submissions
Submitter: Seamus Tuohy
Date: 2017-01-12
Source: External_Submission
Page Last Updated or Reviewed: May 01, 2017