What Is Subdomain Takeover and How Does It Happen?
As an extension of a domain name, subdomains play an essential role in the Domain Name System (DNS). Some websites like Wikipedia offer content in different languages using them—en[.]wikipedia[.]org, es[.]wikipedia[.]org, and de[.]wikipedia[.]org, among many others.
Websites can also be segmented by category through subdomains, and sometimes point to third-party-hosted services. For instance, blog[.]example[.]com could contain content hosted by blogging platforms like WordPress, while shop[.]example[.]com could point to e-commerce platforms like Shopify.
While these use cases are helpful and demonstrate the value of subdomains, threat actors can sometimes take control of them and pose threats to website owners and visitors alike. This post explains how, and tackles a specific threat called a “subdomain takeover.”