Security News > 2023 > February > GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services.
GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment.
The threat actor "Installed malware causing the intermittent redirection of customer websites," the company said.
The ultimate objective of the intrusions, GoDaddy said, is to "Infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities."
The 2020 breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.
GoDaddy said a rogue actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress, affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.
News URL
https://thehackernews.com/2023/02/godaddy-discloses-multi-year-security.html
Related news
- Nokia investigates breach after hacker claims to steal source code (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)