Dangerous DNS malware infects over 30,000 websites - so be on your guard

• DetourDog malware campaign compromised over 30,000 websites using DNS redirection
• Victims were silently redirected to sites hosting Strela Stealer, a modular infostealer
• Attack remained undetected for months due to DNS-level manipulation and infrastructure abuse

Security researchers have spotted an enormous malware campaign which managed to quietly compromise more than 30,000 websites, as well as countless visitors.

Researchers from Infoblox detailed a campaign they dubbed DetourDog, which targeted unprotected servers with a piece of malware of the same name, forcing the servers to redirect the visitors.

Since the DNS requests are made from the website itself, rather than the visitors, they are invisible to the victims. This also helped the campaign remain undetected for as long as it did - several months.