Security News > 2020 > November > GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
The attacks were facilitated by scams targeting employees at GoDaddy, the world's largest domain name registrar, KrebsOnSecurity has learned.
The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters.
In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.
In response to questions from KrebsOnSecurity, GoDaddy acknowledged that "a small number" of customer domain names had been modified after a "Limited" number of GoDaddy employees fell for a social engineering scam.
In the attacks earlier this year that affected escrow.com and several other GoDaddy customer domains, the assailants targeted employees over the phone, and were able to read internal notes that GoDaddy employees had left on customer accounts.