Security News

GoDaddy admits: Crooks hit us with malware, poisoned customer websites
2023-02-20 19:36

The malware intermittently redirected random customer websites to malicious sites. Redirects are so common that if you hang around web developers at all, you'll hear them referring to them by their numeric HTTP codes, in much the same way that the rest of us talk about "Getting a 404" when we try to visit a page that no longer exists, simply because 404 is HTTP's Not Found error code.

GoDaddy joins the dots and realizes it's been under attack for three years
2023-02-20 02:27

In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020. The business took the unusual step of detailing the attacks in its Form 10-K - the formal annual report listed entities are required to file in the US. The filing details a March 2020 attack that "Compromised the hosting login credentials of approximately 28,000 hosting customers to their hosting accounts as well as the login credentials of a small number of our personnel" and a November 2021 breach of its hosted WordPress service.

GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
2023-02-18 09:21

Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services. GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment.

GoDaddy: Hackers stole source code, installed malware in multi-year breach
2023-02-17 17:27

Web hosting giant GoDaddy says unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment. While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used to redirect to random domains, the attackers had access to the company's network for multiple years.

Hundreds of GoDaddy-hosted sites backdoored in a single day
2022-03-16 17:22

Internet security analysts have spotted a spike in backdoor infections on WordPress websites hosted on GoDaddy's Managed WordPress service, all featuring an identical backdoor payload. The case affects internet service resellers such as MediaTemple, tsoHost, 123Reg, Domain Factory, Heart Internet, and Host Europe Managed WordPress. The discovery comes from Wordfence, whose team first observed the malicious activity on March 11, 2022, with 298 websites infected by the backdoor within 24 hours, 281 of which were hosted on GoDaddy.

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI
2021-11-28 09:00

GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposedGoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. Malicious Python packages employ advanced detection evasion techniquesJFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times.

S3 Ep60: Exchange exploit, GoDaddy breach and cookies made public [Podcast]
2021-11-25 19:38

" Cybersecurity tips for the holiday season and beyond. Tech history: What do you mean, "It uses a mouse?" Don't make your cookies public! Oh! No! DDoS attack in progress - unfurl the umbrellas!

GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data
2021-11-24 20:52

Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission, the world's largest domain registrar said that a malicious third-party managed to gain access to its Managed WordPress hosting environment on September 6 with the help of a compromised password, using it to obtain sensitive information pertaining to its customers.

GoDaddy Breach Widens to Include Reseller Subsidiaries
2021-11-24 16:16

Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen. The GoDaddy breach affecting 1.2 million customers has widened - it turns out that various subsidiaries that resell GoDaddy Managed WordPress were also affected.

GoDaddy data breach hits WordPress hosting services resellers
2021-11-24 15:47

GoDaddy says the recently disclosed data breach affecting roughly 1.2 million customers has also hit multiple Managed WordPress services resellers. GoDaddy acquired these brands after buying web hosting and cloud services companies Host Europe Group in 2017 and Media Temple in 2013.