I noticed today that unresolved domains and 404 errors on websites without SSL/TLS are getting hijacked by ads!!!!

https://imgur.com/a/6FDuBgc

WTH?

The site behind the ads is http://www.zygy.com which boasts TM as a customer.

This post has been edited by Drewkk: Sep 13 2018, 02:55 AM

Change DNS to Google DNS, Cloudflare DNS, or OpenDNS. Everyone who knows how TM works have not used TM DNS for a long time.

They have been doing this shit for a long time.

This post has been edited by SilentVampire: Sep 13 2018, 02:57 AM

Doesn't work. I already use CloudFlare 1.1.1.1 also tried Google 8.8.8.8 and 8.8.4.4

This post has been edited by Drewkk: Sep 13 2018, 02:58 AM

You sure? Changed both on WAN page and DHCP page? What router are you using?

Ubiquiti USG
Only thing that bypassed it is using a VPN either to Australia, America or KL office which is TIME.

LOL, you're right. Every DNS query to 1.9.1.9 for a non-existent domain returns 202.71.99.195.

Never noticed it as I wasn't using TM's DNS. Good find.

on my test, TM do Hijack DNS query.



but... on Windows 10, dont have, maybe DNSSEC ?

it is allowed to Hijack customer traffic ? like replace HTTPS to HTTP ?

This post has been edited by Anime4000: Sep 13 2018, 03:11 AM

Try run DNS Leak Test to see if your DNS requests are being intercepted/leaked.
https://www.dnsleaktest.com/

This seems pretty recent too, maybe in the last week or so they started doing this.

What for pay them 300rm each month just to get ads?

Are you using the router provided by TM?

No, I'm using a Ubiquiti USG.

My router is not doing that. You are still on TM DNS, otherwise, you won't be affected by it. Check your device and see if they are on TM DNS. I suspect that they are, as I am not getting this message.

doesn't matter if TM DNS, they still modify Unprotected DNS Query. need DNSSEC compatible router

Or just flash custom firmware on yr router with dnssec. Or worse case get a spare pc/raspberry pi run private dns relay..

Or maybe the 'parental control' settings, block the ip 202.71.99.195

This post has been edited by miloaisdino: Sep 13 2018, 02:07 PM

True, forgot about that DNSSEC is still the way to go, for ‘secure’ DNS queries.

yeah, OP said only works on VPN, I pretty sure his router dont have DNSSEC, nowadays DNS also work in TCP

no wonder sometimes I thought why recently so many ads

after force to reduce unifi price, TM found a way to make money.

Yeah hope they can now reduce streamyx price.

Use Cloud Flare DNS or Google DNS to solve this problem. TM is earning side money by injecting ads.