Hazy Hawk Group Exploits DNS Misconfigurations to Seize Subdomains

The Hazy Hawk group is exploiting DNS configuration errors to take control of subdomains. They target forgotten DNS CNAME records pointing to abandoned cloud services to capture trusted subdomains belonging to governments, universities, and large corporations. These subdomains are then used for fraudulent activities, the distribution of fake applications, and malicious advertising.