Hazy Hawk Cybercriminal Group Exploits DNS Records to Hijack Cloud Resources

The cybercriminal group known as Hazy Hawk has been observed hijacking abandoned cloud resources belonging to high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints. This operation is carried out by exploiting misconfigurations in Domain Name System (DNS) records. The hijacked domains are then used to host URLs that redirect users to scams and malware through traffic distribution systems (TDSes).