1. Russia-affiliated criminals have hijacked an estimated 30,000 domains using the Sitting Ducks technique since 2019. 2. The technique exploits weak DNS services, allowing unauthorized changes to domain records. 3. Hijacked domains are often used for phishing, scams, spam, and other illegal activities, posing risks to both owners and visitors.