Doom Now Runs over DNS, Loading From Nearly 2,000 Text Records
Why It Matters
The demo proves DNS can serve as a stealthy delivery channel, raising security concerns for enterprises that rely on DNS zones. It also showcases creative hacking that could inspire both defensive research and novel, low‑resource applications.
Key Takeaways
- Doom runs entirely from 1,964 DNS TXT records
- No files written; execution via PowerShell command
- Game compressed from 8.4 MB to 1.9 MB
- Highlights DNS as covert data exfiltration channel
- Shows creative hacking risks for enterprise DNS zones
Pulse Analysis
The Domain Name System, conceived in the 1980s to translate human‑readable names into IP addresses, has long been repurposed for unconventional data transport. The latest demonstration pushes that boundary by loading the classic first‑person shooter Doom directly from DNS. Developer Adam Rice encoded the shareware version into 1,964 Cloudflare TXT records, which a PowerShell script stitches together at runtime. By avoiding any disk writes, the port runs entirely in memory, turning a ubiquitous networking protocol into a makeshift file‑system for a 1990s game.
Technically, the project compresses Doom’s original 8.4 MB payload to roughly 1.9 MB, then fragments it across nearly two thousand text records. Each DNS query retrieves a small slice, which the PowerShell script reassembles in memory before launching the Managed Doom engine, a C# adaptation of the original codebase. This method underscores a growing concern among security professionals: DNS zones can serve as stealthy carriers for malware, as seen in recent campaigns that pieced together malicious binaries from hundreds of subdomains. The Doom‑over‑DNS proof‑of‑concept illustrates both the ingenuity of developers and the potential for abuse.
Beyond the security implications, the stunt adds to a long‑standing tradition of running Doom on unlikely hardware—from smart lamps to satellite‑borne computers. Such experiments capture public imagination while reminding enterprises that any reachable endpoint, however low‑tech, can become a vector for code execution. As cloud providers like Cloudflare continue to offer programmable DNS services, organizations must tighten zone management, monitor anomalous TXT record volumes, and enforce strict access controls. The Doom port is a playful reminder that even legacy protocols can be weaponized, prompting a reevaluation of DNS hygiene in modern networks.
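A defender-side check for the TXT-record staging pattern described above, as an added example that is not from the original article or the Doom-over-DNS project. The resolver log format (timestamp, client IP, query type, query name), the `min_distinct` threshold and the "numbered label" heuristic are assumptions, and the log lines are constructed:

```python
import re
from collections import defaultdict

# Constructed sample of a resolver query log (not real traffic):
# "<timestamp> <client_ip> <qtype> <qname>". One client pulls a numbered
# series of TXT records under a single parent zone; the rest is benign.
SAMPLE_LOG = [f"2024-05-01T10:00:{i % 60:02d}Z 10.0.0.5 TXT p{i:04d}.stage.example.test"
              for i in range(1, 41)]
SAMPLE_LOG += [
    "2024-05-01T10:00:05Z 10.0.0.7 TXT _dmarc.example.test",
    "2024-05-01T10:00:06Z 10.0.0.7 TXT example.test",
    "2024-05-01T10:00:07Z 10.0.0.5 A www.example.test",
]

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")
# A leading label made of an alphabetic prefix plus a counter (p0001, chunk17, ...)
CHUNK_LABEL_RE = re.compile(r"^([a-z_-]*)(\d+)$", re.I)

def parse(line):
    """Return (client, qtype, qname) or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    _, client, qtype, qname = m.groups()
    return client, qtype.upper(), qname.lower().rstrip(".")

def txt_chunk_alerts(lines, min_distinct=25):
    """Group TXT queries by (client, parent zone) and flag any group where one
    client resolved at least `min_distinct` distinct names under one parent.
    `numbered_series` is True when every leading label shares one prefix and
    ends in digits, the shape a chunked payload leaves behind."""
    names = defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec is None or rec[1] != "TXT" or "." not in rec[2]:
            continue
        client, _, qname = rec
        first, parent = qname.split(".", 1)
        names[(client, parent)].add(first)
    alerts = []
    for (client, parent), labels in names.items():
        if len(labels) < min_distinct:
            continue
        matches = [CHUNK_LABEL_RE.match(label) for label in labels]
        prefixes = {m.group(1) for m in matches if m}
        alerts.append({"client": client, "parent": parent,
                       "distinct_txt_names": len(labels),
                       "numbered_series": all(matches) and len(prefixes) == 1})
    return alerts
```

Tune `min_distinct` against a baseline of legitimate TXT lookups (SPF, DMARC, domain-verification records), which rarely produce dozens of distinct names under one zone from a single client.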