Akamai makes you to set your own DNS server for it to pull records from, the domain getting hijacked should not have any effect on what that DNS server is returning.
>It added that its domain name system was compromised.
sounds like their DNS server was compromised.
Also, I've never worked with Akamai, but every cdn I have worked with just follows the ns records and resolves against that, which could be changed with access to the domain/registrar. Does Akamai not do that?
Hmm, I figured it was just the records being pointed to cloudflare, since everything I could find makes it sound like that, but you may be correct that the nameservers were changed, as cloudflare's nameservers look like they have a record for the domain, but are returning different records: http://paste.click/s/qKkejf [0]
However I suspect cloudflare's nameservers might just return A records pointing to cloudflare if they don't exist, I'm not sure.
Though that still doesn't answer the second part. Would Akamai not use the authoritative nameservers to resolve the origin? Cdn providers I've worked with (Level3, edgecast, Highwinds, and others) just resolve based on the authoritative nameservers, and I'm genuinely curious if Akamai doesn't do that.
Edit: forgot that my keybinding throws the js/syntax highlighted url into my clipboard, which is pointless for this, here are the plaintext links to the same thing:
>It added that its domain name system was compromised.
sounds like their DNS server was compromised.
Also, I've never worked with Akamai, but every cdn I have worked with just follows the ns records and resolves against that, which could be changed with access to the domain/registrar. Does Akamai not do that?