Security News > 2020 > November > Hackers Trick GoDaddy Employees in Operation Targeting Cryptocurrency Services
Cybercriminals were able to change the DNS settings of some cryptocurrency websites after tricking GoDaddy employees into providing them with access to customer accounts.
On November 18, both services announced that threat actors were able to breach their internal systems after GoDaddy incorrectly handed over control of their accounts.
Looking into the incident, investigative journalist Brian Krebs discovered that threat actors leveraged social engineering to trick GoDaddy employees into transferring access to specific accounts, and that all of the targeted accounts had their emails changed to point to privateemail.com.
GoDaddy appears to have acknowledged the incident, saying that only a small number of customers were affected, but without providing information on how the adversaries targeted its employees.
SecurityWeek has emailed GoDaddy for additional information on the attack and will update the article as soon as a reply arrives.