
BGP Hijack

When a network announces IP prefixes it does not own over BGP, redirecting traffic for those addresses to itself, accidentally or maliciously.

A BGP hijack (also called a prefix hijack or route hijack) happens when an autonomous system advertises IP prefixes it has no right to originate. Other networks accept the announcement, and traffic destined for the legitimate owner gets routed to the hijacker instead, where it can be inspected, modified, or blackholed. Famous incidents include the 2008 Pakistan Telecom hijack of YouTube and the 2018 MyEtherWallet incident that stole crypto via DNS interception. RPKI Route Origin Validation, prefix filtering, and MANRS participation are the industry mitigations, but adoption is still incomplete.
