GoDaddy joins the dots and realizes it's been under attack for three years

2023-02-20 02:27

In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.

The business took the unusual step of detailing the attacks in its Form 10-K - the formal annual report listed entities are required to file in the US. The filing details a March 2020 attack that "Compromised the hosting login credentials of approximately 28,000 hosting customers to their hosting accounts as well as the login credentials of a small number of our personnel" and a November 2021 breach of its hosted WordPress service.

"To date, these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business or operations," the filing states - showing enormous empathy for customers whose sites were redirected in the most recent attack, or impacted by the earlier incidents.

In a brief statement on the incident, GoDaddy hypothesized that the goal of the December 2022 attacks "Is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities."

Russian-linked hacking groups are notorious for the damage caused - or attempted - by groups like Killnet, Cozy Bear, Vice Society or any of the myriad others linked to attacks on its enemies - both in Ukraine and elsewhere.

As we reported in last week's security roundup, the attack didn't take down 911 services, disrupt finances or worsen emergency response times, but the precaution of taking a good portion of the city's network offline to stop the attack has led to a slow recovery and some non-emergency systems inaccessible.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/02/20/in_brief_security/

#attack #godaddy