Subdomain security is substandard, say security researchers

Abandoned or ignored subdomains often include overlooked vulnerabilities that leave organisations open to attack, according to a team of infosec researchers from the Vienna University of Technology and the Ca’ Foscari University of Venice. The team’s work will be presented at the 30th USENIX Security Symposium this August.
Hijacking of subdomains is not new, but the research points out that subdomains are a weak spot because organisations often forget to maintain them properly and incorrectly assume that access can only be gained if explicitly allowed by an administrator.
That laxity leaves subdomains open to a cookie-based attack in which an attacker sets up their own site to replace an abandoned or expired subdomain hosted on a completely different server from the main web site. Then, as web sites typically consider their subdomains “safe,” cookies assigned to the main web site can be overwritten and accessed by the subdomain, thus allowing an intruder to impersonate another user and conduct illicit activities.
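
Added example, not from the article or the researchers' paper: a small Python audit of a main site's Set-Cookie headers for the cookie exposure described above. The header values and example.com are constructed, and the __Host- prefix check is standard browser behaviour that the article itself does not discuss.

```python
from dataclasses import dataclass

@dataclass
class Finding:
    name: str
    readable_by_subdomains: bool    # Domain attribute present: sent to every subdomain
    shadowable_by_subdomains: bool  # a subdomain can set a same-named Domain-wide cookie

def parse_set_cookie(header):
    """Return (name, attrs); attrs maps lower-cased attribute names to values."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs

def host_prefix_valid(name, attrs):
    """Browsers accept a __Host- cookie only with Secure, Path=/ and no Domain,
    so a subdomain cannot set one for the parent host."""
    return (name.startswith("__Host-") and "secure" in attrs
            and "domain" not in attrs and attrs.get("path") == "/")

def audit(headers):
    """Classify each Set-Cookie header by its exposure to subdomains."""
    findings = []
    for header in headers:
        name, attrs = parse_set_cookie(header)
        findings.append(Finding(
            name=name,
            readable_by_subdomains="domain" in attrs,
            shadowable_by_subdomains=not host_prefix_valid(name, attrs),
        ))
    return findings

# Constructed sample headers, as a main site at example.com might send them.
SAMPLE = [
    "session=abc123; Domain=example.com; Path=/; Secure; HttpOnly",
    "prefs=dark; Path=/; Secure",
    "__Host-session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Only the third header is isolated from a taken-over subdomain: the first is sent to every subdomain, and the second, although host-only, can still be shadowed by a cookie of the same name set from a subdomain.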
