Security News > 2023 > February > GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft

Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services.

GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment.

The threat actor "Installed malware causing the intermittent redirection of customer websites," the company said.

The ultimate objective of the intrusions, GoDaddy said, is to "Infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities."

The 2020 breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.

GoDaddy said a rogue actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress, affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.

News URL

https://thehackernews.com/2023/02/godaddy-discloses-multi-year-security.html