Content Delivery Exploit Opens Websites to Brand Hijacking
Summary
A new domain-fronting attack, dubbed Underminr, enables threat actors to manipulate web requests and utilize trusted websites to mask their malicious activities. This technique allows for brand hijacking by redirecting users to fraudulent sites through seemingly legitimate domains.
IFF Assessment
FOE
The Underminr attack allows threat actors to exploit trusted websites for brand hijacking, posing a significant risk to organizations and users.
Defender Context
Defenders should be aware of domain-fronting techniques like Underminr that can be used to disguise malicious traffic. Monitoring for unusual redirects or content served from trusted domains is crucial, as this exploit can be used for brand impersonation and phishing campaigns.