Why is DNS commonly abused?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions; each question includes hints and explanations. Ace your exam!

Multiple Choice

Why is DNS commonly abused?

Explanation:
DNS is trusted and rarely blocked, which makes it a convenient channel for abuse. Because name resolution is essential for almost all internet activity, networks typically allow DNS traffic to pass and seldom scrutinize it deeply. Attackers exploit this trust by embedding data in DNS queries or using DNS-based command-and-control, hiding in normal-looking domain names to evade quick detection. The challenge for defenders is that blocking DNS or inspecting all queries can disrupt legitimate services, so many security controls give DNS a free pass, creating opportunities for exfiltration and tunneling. In contrast, the other statements don’t describe why DNS is commonly abused: DNS traffic is not encrypted by default, though encrypted DNS exists; it does not rely on a single fixed port in all contexts; and it does not require a VPN to function.

