Domain Shadowing

Domain shadowing is a cyberattack where an attacker uses a domain registrar's system vulnerability to create subdomains pointing to malicious servers. The attacker gains access to a legitimate domain by exploiting a security weakness in the domain registrar's control panel or stealing login credentials. Once they have access, the attacker creates subdomains that point to their servers, where they can host malicious content or launch further attacks.

ThreatNG is an all-in-one solution whose "Domain Intelligence" module can help organizations detect and respond to domain shadowing attacks. It can actively monitor domains and subdomains and assess their risk. In the wake of an attack, it can aid the investigation by providing detailed forensic analysis.