DNS Tunneling is a type of cyberattack that leverages domain name system (DNS) queries and responses to bypass traditional security measures and transmit data and code within the network.
Once infected, the hacker can freely engage in command-and-control activities. This tunnel gives the hacker a route to unleash malware and/or to extract data, IP or other sensitive information by encoding it bit by bit in a series of DNS responses.
DNS tunneling attacks have increased in recent years, in part because they are relatively simple to deploy. Tunneling toolkits and guides are even readily accessible online through mainstream sites like YouTube.