A new report claims that Verizon has been using its DNS servers to send out spam, including to servers in the United States, and to be used to send phishing emails, as reported by BuzzFeed News.
The report, titled DDoS Attackers’ DNS Servers Are Being Used For Malware-Based DDoS attacks , alleges that the networks used by the Verizon network have been hijacked in the past, including one that was used to host a denial-of-service attack that disrupted the internet in 2017.
It also claims that the Verizon servers used to store and relay DNS traffic have been hacked in the last three years, using the DNS servers as servers.
The malicious DNS servers that Verizon used to hijack were not previously known to be infected, and they were reportedly used to redirect users to the attackers’ own DNS servers, according to the report.
The DNS servers used by Verizon to send spam and phishing messages are also known to have been compromised, the report says.
Verizon said in a statement to BuzzFeed News that it is aware of the allegations and has been working to fix them.
“Verizon’s network is designed to protect customers, and we take our cybersecurity seriously,” the statement reads.
“We have worked with our security team to address the reported issues and are actively working to resolve the issue.”
Verizon is not the only company using the Verizon DNS servers for malicious purposes.
In 2016, Symantec reported that a “large number” of Verizon’s DNS servers had been infected with malware that allowed the attackers to hijak the network.
Symantek said it had traced back to a network in France, and the attackers were believed to be using the network to distribute malware that was able to send emails, spy on users and send phish emails.
The networks that Verizon uses for its DNS traffic were not infected with the malware that Symantech found, but Symanteks said the company would be working to isolate the network in the future.
The attacks on Verizon’s networks, according a cybersecurity researcher who has worked on cybersecurity threats, are a sign that Verizon’s network and its DNS server networks are vulnerable to malicious actors, and that it will likely be exposed to a large number of DNS attack campaigns in the coming years.
The Verizon network, for instance, is vulnerable to DNS attack because it has a relatively small number of servers, which can be used by attackers to flood the network with requests to redirect them to their own servers, the researcher said.
Verizon’s security team has said that it has fixed the problem.
“The network is still under attack,” Verizon said.
“This is an ongoing investigation and we are continuing to work with our network security team.”