Investigations on the Sri Lankan Domain attack reveal that threat actors could have used exposed credentials and vulnerabilities to breach and redirect the websites. These credentials have been exposed on the dark web for the past eight years!