Someone recently boasted about adware which can inject ads from most networks, and using DNS spoofing would make the providers think that the ads were on a website owned by me (i.e. www.myscamsite.com), while the ads are actually on a normal website (i.e. www.stackoverflow.com). This sounds dubious to me, because most websites these days use HTTPS to prevent DNS spoofing.
My questions:
- Could this method work on HTTP sites?
- Could this method work on HTTPS sites (somehow?)
I know the ISP's did it to routers years ago, but that was before HTTPS.
