Security News

Hackers Trick GoDaddy Employees in Operation Targeting Cryptocurrency Services
2020-11-24 18:22

Cybercriminals were able to change the DNS settings of some cryptocurrency websites after tricking GoDaddy employees into providing them with access to customer accounts. On November 18, both services announced that threat actors were able to breach their internal systems after GoDaddy incorrectly handed over control of their accounts.

Crooks social-engineer GoDaddy staff into handing over control of crypto-biz domain names
2020-11-23 22:52

Using social engineering tricks, the hackers were able to change the DNS settings of their victims' domain names, redirecting connections and mail to their own servers. GoDaddy, the world's biggest domain-name registrar, confirmed "a small number of customer domains and/or account information" were altered after "a limited number of GoDaddy employees" were duped.

GoDaddy Employees Tricked into Compromising Cryptocurrency Sites
2020-11-23 21:08

A recent social-engineering "Vishing" attack on domain registrar GoDaddy temporarily handed over control of cryptocurrency service sites NiceHash and Liquid to fraudsters, exposing personal information of users. "A routine audit of account activity identified potential unauthorized changes to a small number of customer domains and/or account information," the statement read. "Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees."

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
2020-11-21 18:15

The attacks were facilitated by scams targeting employees at GoDaddy, the world's largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters.

GoDaddy data breach shows why businesses need to better secure their customer data
2020-05-05 20:39

Web hosting provider and domain registrar GoDaddy was hit by a data breach that compromised the account credentials of around 28,000 customers. "On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers' credentials or modified any customer hosting accounts. The individual did not have access to customers' main GoDaddy accounts."

GoDaddy hack: Miscreant goes AWOL with 28,000 users' SSH login creds after vandalizing server-side file
2020-05-05 16:15

Hosting biz GoDaddy has admitted a hacker tampered with an SSH file on its servers, leading to the theft of 28,000 users' SSH credentials. The intrusion, which took place last month, involved one or more malicious persons "Alter" an SSH file on GoDaddy's infrastructure, the US giant told The Register.

GoDaddy Hack Breaches Hosting Account Credentials
2020-05-05 15:55

UPDATE. GoDaddy, the world's largest domain name registrar, is warning customers that attackers may have obtained their web hosting account credentials. The company said that the breach only affected hosting accounts, not general customer accounts, and that no customer data in the main accounts was accessed.

GoDaddy – “unauthorized individual” had access to login info
2020-05-05 15:53

We need to inform you of a security incident impacting your GoDaddy web hosting account credentials. The investigation found that an unauthorized individual had access to your login information used to connect to SSH on your hosting account.

GoDaddy Notifies Customers of Data Breach
2020-05-05 09:28

GoDaddy has been notifying customers of a data breach that may have resulted in their web hosting account credentials getting compromised. "We need to inform you of a security incident impacting your GoDaddy web hosting account credentials," the accompanying customer notification letter reads.

Phish of GoDaddy Employee Jeopardized, Among Others
2020-04-01 03:30

The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer's domain name.