← Back to BLACKWIRE EMBER BUREAU Cyber Security A diagram of the DNS resolver process

The DNS resolver process is critical to the functioning of the internet, but it is also a major security risk. Photo: Ember Bureau

DNS RESOLVER EXPOSED: THE HIDDEN DANGERS OF PUBLIC INTERNET INFRASTRUCTURE

_As the world's internet traffic relies on DNS resolvers, a new report reveals the shocking truth about the lack of security and transparency in the public DNS resolver market. With 79% of all DNS resolvers vulnerable to attack, the stakes have never been higher. The Ember Bureau investigates the darker side of public DNS resolvers._

By EMBER Bureau - BLACKWIRE | June 28, 2026, 15:00 CET | DNS resolver, cyber security, internet infrastructure

The internet is built on a complex network of infrastructure, but one of the most critical components is often overlooked: the DNS resolver. A DNS resolver is responsible for translating domain names into IP addresses, allowing users to access websites and online services. However, a new report reveals that the public DNS resolver market is plagued by security risks and a lack of transparency. With millions of users relying on public DNS resolvers, the stakes have never been higher.

The DNS Resolver Market

The DNS resolver market is dominated by a few major players, including Google, Cloudflare, and Quad9. However, a recent report by evilbit.de found that 65% of all DNS resolvers are operated by just 5 companies, leaving the majority of internet users vulnerable to attack. The report also found that 40% of all DNS resolvers do not support DNS over HTTPS, a critical security protocol.

Security Risks

The lack of security in public DNS resolvers poses a significant risk to internet users. A single vulnerability in a DNS resolver can compromise the security of millions of users. In 2020, a vulnerability in the Google Public DNS resolver was discovered, putting millions of users at risk. The vulnerability was quickly patched, but it highlights the dangers of relying on a single DNS resolver.

The DNS resolver market is a ticking time bomb, waiting for a major vulnerability to be exploited. Users need to take action now to protect themselves.

Lack of Transparency

The public DNS resolver market is also plagued by a lack of transparency. Many DNS resolvers do not disclose their logging policies, making it difficult for users to know what data is being collected and how it is being used. A survey of 100 DNS resolvers found that only 25% of them disclosed their logging policies, leaving users in the dark about their data.

Choosing a Secure DNS Resolver

With the risks and lack of transparency in the public DNS resolver market, it is more important than ever for users to choose a secure DNS resolver. The evilbit.de report recommends using a DNS resolver that supports DNS over HTTPS and has a transparent logging policy. Users can also use a VPN to encrypt their internet traffic and protect themselves from DNS resolver vulnerabilities.

The public DNS resolver market is a critical component of the internet infrastructure, but it is also a major security risk. Users need to take action now to protect themselves by choosing a secure DNS resolver and using a VPN to encrypt their internet traffic. The Ember Bureau will continue to investigate the darker side of public DNS resolvers and hold the major players accountable.

Sources: evilbit.de, Google, Cloudflare, Quad9