DNS hijacking is when someone redirects your domain's traffic to their server without your permission. They change your NS records, hijack your registrar account, or compromise your DNS provider. End result: your domain points to their infrastructure, not yours.
Attackers do this to steal email, harvest credentials, host phishing sites, or just park your traffic for ad revenue. Registrar account takeover is the most common vector—weak passwords, no 2FA, social engineering. DNS providers without proper access controls are also vulnerable.
This matters because DNS hijacking breaks your entire web presence in minutes. Your site goes down or turns into something malicious. Users see your domain but get someone else's content.
Mitigation: enable registrar lock (prevents unauthorized transfers), use DNSSEC (cryptographically signs your DNS records), require 2FA on your registrar account, monitor your NS records regularly. Some registries and registrars offer additional DNS firewall features. If you control sensitive domains (journalism, activism, crypto), consider a registrar that doesn't automatically reply to takedown requests and offers strong account security—that's the bunkerdomains angle.
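An added example (not code from this page or from any registrar's tooling) of the "monitor your NS records" step: it parses `dig +noall +answer` text and compares the delegation to a known-good baseline. It goes one step beyond the NS check by also flagging a missing DS record when the domain is expected to be DNSSEC-signed. The domain, nameserver names and DS values are constructed placeholders.

```python
"""Compare a domain's observed delegation against a known-good baseline."""

def parse_records(dig_output, rtype):
    """Return the set of rdata values of type `rtype` from `dig +noall +answer` text."""
    found = set()
    for line in dig_output.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blank lines and dig comment lines
        fields = line.split(None, 4)  # owner, ttl, class, type, rdata
        if len(fields) == 5 and fields[3].upper() == rtype:
            # Hostnames are case-insensitive and may carry a trailing dot.
            found.add(fields[4].strip().rstrip(".").lower())
    return found

def check_delegation(dig_output, expected_ns, expect_ds=False):
    """Return a list of alert strings; an empty list means no drift."""
    expected = {n.rstrip(".").lower() for n in expected_ns}
    observed = parse_records(dig_output, "NS")
    alerts = []
    if not observed:
        alerts.append("no NS records in answer")
    elif not (observed & expected):
        # No overlap with the baseline: the whole delegation was swapped.
        alerts.append("NS set fully replaced: " + ", ".join(sorted(observed)))
    else:
        for ns in sorted(observed - expected):
            alerts.append("unexpected nameserver: " + ns)
        for ns in sorted(expected - observed):
            alerts.append("missing nameserver: " + ns)
    if expect_ds and not parse_records(dig_output, "DS"):
        alerts.append("DS record missing: DNSSEC chain of trust broken")
    return alerts

# Constructed sample answers for example.com (placeholders, not real data).
BASELINE = ["ns1.dns-host.example.", "ns2.dns-host.example."]
CLEAN = """example.com. 3600 IN NS NS1.dns-host.example.
example.com. 3600 IN NS ns2.dns-host.example.
example.com. 3600 IN DS 12345 13 2 AABBCC
"""
HIJACKED = """example.com. 300 IN NS ns1.parked.example.
example.com. 300 IN NS ns2.parked.example.
"""

if __name__ == "__main__":
    for label, text in (("clean", CLEAN), ("hijacked", HIJACKED)):
        print(label, check_delegation(text, BASELINE, expect_ds=True))
```

To run it against a live domain, feed it the concatenated output of `dig +noall +answer <domain> NS` and `dig +noall +answer <domain> DS` on a schedule and alert on any non-empty result.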