Attackers have exploited the .arpa internet domain to host malicious websites and deliver phishing links. They use IPv6 and hidden .arpa addresses to disguise URLs and steal user credentials. The scheme was reported by TechRadar on March 2, 2026.
The .arpa domain, a core part of the internet infrastructure, has been hijacked by hackers for phishing purposes. According to TechRadar, attackers are leveraging IPv6 technology alongside hidden .arpa addresses to create undetectable malicious websites and domains. These disguised URLs lead users to phishing pages designed to secretly capture credentials.
The exploit allows hackers to host scams in places where they are difficult to spot, evading typical detection methods. No specific victims or scale of the attack were detailed in the report. TechRadar's coverage highlights the vulnerability in this foundational domain, which is used for internet address resolution.
This incident underscores ongoing risks in internet security, particularly with emerging protocols like IPv6. Users are advised to remain vigilant against suspicious links, though no further preventive measures were outlined in the source.