alt Hacker NewsThe graphic that shows that a hijacker can route traffic to their malicious website is a little misleading. Since the SSL certificate would be invalid, browsers would block the connection and show a warning.
I guess the attack could still be used for denial of service.
Once you have control of the destination, you could get a valid SSL certificate with Letsencrypt or whatever.