Security News > 2023 > February > GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services.
GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment.
The threat actor "Installed malware causing the intermittent redirection of customer websites," the company said.
The ultimate objective of the intrusions, GoDaddy said, is to "Infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities."
The 2020 breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.
GoDaddy said a rogue actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress, affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.
News URL
https://thehackernews.com/2023/02/godaddy-discloses-multi-year-security.html
Related news
- Australian fertility services giant Genea hit by security breach (source)
- Drug-screening biz DISA took a year to disclose security breach affecting millions (source)
- Why multi-cloud security needs a fresh approach to stay resilient (source)
- There are perhaps 10,000 reasons to doubt Oracle Cloud's security breach denial (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)