Security News > 2020 > March > Over 600 Microsoft Subdomains Can Be Hijacked: Researchers
There are more than 600 legitimate Microsoft subdomains that can be hijacked and abused for phishing, malware delivery and scams, researchers warned this week.
Researchers at Vullnerability, a company that specializes in exploit and vulnerability alerting services, have created an automated system that scanned all the subdomains of some important Microsoft domains.
The scan revealed the existence of over 670 subdomains that could be hijacked using this technique.
The researchers reported a dozen of the impacted subdomains to Microsoft and the tech giant has taken steps to prevent them from being hijacked.
Experts have been warning about the risks posed by subdomain hijacking for years and ZDNet reported last month that spammers had already started hijacking Microsoft subdomains.