John Todd, the executive director of the nonprofit DNS provider Quad9, wrote in an email that “this threat is/was quite real,” but also noted that it’s “somewhat complex to deploy and leaves some fingerprints,” since the attacker would have to run their own DNS domains. He also noted that most enterprise DNS servers are set to respond only to IP addresses from within the company that owns them, though internet service providers are more likely to be vulnerable to having their DNS servers hijacked by the NXNSAttack technique.
See the full article here.
