That attack was by hacking the target's domain registrar account. Others have done that as well, including against a Brazilian bank.
The right attacker would not even need that - they could just hijack traffic headed to the IP address of the real DNS server in question. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy