Pharming Attack

April 10, 2017 | Views: 9147

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello, Guys!

I hope you are enjoying my posts. Here I will tell you about an attack which is very hard to detect.

The pharming attack.

When you type in a URL ( into your browser, it then goes to the DNS server to convert it into an IP address. After resolving the domain name into an IP address, you can communicate to the desired website (the way we all know – normal everyday usage).

However, in a pharming attack, the attackers poison the DNS server. Attackers manage to alter the DNS tables to redirect requests to a malicious IP address. For example, if you wanted to visit, it would send you to an IP Address where “” looked similar (unnoticeably different) but acted completely different.

So when a user tries to browse a web page, DNS redirects it to a fraudulent IP address, instead of the legitimate IP address, and the page looks like very similar to the original web page.

Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent website, criminals have the information which can lead to identity theft.

For more information and clear understanding, watch the following:

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. DNS-based attacks are always very hard to detect. This attack seems similar to email phishing attacks where users are tricked into clicking on fraudulent links, redirecting them to a malicious website which looks very similar to their banking website.

  2. I want to leran how to hack facebook acount

    • So, you want to start hacking Facebook accounts? Well, you’re on the right website, but you need to start learning “social-engineering” and “reverse-engineering” – so you can change header code. You need to learn how coding works.

      Most guys try the Facebook “sandbox” initially, to see if they can exploit some code. Before trying the ‘live’ accounts.

      So, there you go! Now, you know what you have to do! Simples.. 😉


  3. yep brother recently Android malware have been targeting router DNS ,they have been gaining access to routers by bruteforcing factory credentials,thats like one guy in the network gets infected the routers DNS settings are changed and voila everyone’s going to get affected
    really companies must provide customers with different random router passwords unlike the same pass for all it’s producta

    • You are right or they should make interface like the user can not skip the step before resetting the default username and password (alphanumeric) which can not be same as default.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge



Is Linux Worth Learning in 2020?
Views: 295 / December 14, 2019
How do I Get MTA Certified?
Views: 893 / December 12, 2019
How much does your PAM software really cost?
Views: 1344 / December 10, 2019
How Do I Get into Android Development?
Views: 1723 / December 8, 2019

We recommend always using caution when following any link

Are you sure you want to continue?