Cloudy with a Chance of Hijacking: Forgotten DNS Records Enable Scam Actor
ID: 8e816b12-f621-58d2-adaf-3204229d43d0
STIX ID: report--8e816b12-f621-58d2-adaf-3204229d43d0
Feed Name: Infoblox Threat Intel Blog
Hazy Hawk is a cybercriminal affiliate group that finds and hijacks abandoned cloud resources (dangling CNAMEs and other DNS misconfigurations) on high-profile domains. It uses them to host large volumes of obfuscated URLs that redirect users through intermediate sites and traffic distribution systems into scams, malware, and persistent browser push-notification campaigns. The report documents affected sectors and example domains, explains the group's CNAME-hijack and redirection techniques, and recommends DNS hygiene and protective DNS solutions to mitigate the threat.
