>>12that's not session hijacking because there are no cookies/sessions here. it's DNS hijacking (which can also be used to perform session hijacking, but malicious update is a bigger threat than stealing cookies, because it gives you code execution as an already installed program that the victim trusts):
https://en.wikipedia.org/wiki/DNS_hijacking