They aren't targeting the registrar
They're targeting its customers who, in my experience, think a five-letter word followed by a number is a good password.
Fiends behind the world's most infamous exploit kit Angler are stealing login credentials to create tens of thousands of pop-up domains used in hit-and-run-style attacks. The new attacks are dubbed 'Domain Shadowing' and represent the latest evolution of online crime in which scores of web sites are set up to compromise …
But is this about DNS hijacking rather than Registrar hijacking (though of course some people do use the Registrar's own DNS)? And is it just normal credential compromise that is concentrating on logins from a small number of registrars so they can play about with the DNS there?
The point of these articles is surely to alert us as to new threats. Can you please remember that some of us have had our sharpness blunted by many years of SysAdmining and need things spelt out a little simpler. Anyone?
At least it mostly makes sense. I made the mistake of reading a supposedly technical article on Ars yesterday about hacking Blu-ray disks. It was a confused and contradictory mess of ignorance and FUD that made no sense whatsoever. They actually claim that viruses spread by USB before they did by CD/DVD!