Security News
Web hosting provider and domain registrar GoDaddy was hit by a data breach that compromised the account credentials of around 28,000 customers. "On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers' credentials or modified any customer hosting accounts. The individual did not have access to customers' main GoDaddy accounts."
Hosting biz GoDaddy has admitted a hacker tampered with an SSH file on its servers, leading to the theft of 28,000 users' SSH credentials. The intrusion, which took place last month, involved one or more malicious persons "Alter" an SSH file on GoDaddy's infrastructure, the US giant told The Register.
UPDATE. GoDaddy, the world's largest domain name registrar, is warning customers that attackers may have obtained their web hosting account credentials. The company said that the breach only affected hosting accounts, not general GoDaddy.com customer accounts, and that no customer data in the main accounts was accessed.
We need to inform you of a security incident impacting your GoDaddy web hosting account credentials. The investigation found that an unauthorized individual had access to your login information used to connect to SSH on your hosting account.
GoDaddy has been notifying customers of a data breach that may have resulted in their web hosting account credentials getting compromised. "We need to inform you of a security incident impacting your GoDaddy web hosting account credentials," the accompanying customer notification letter reads.
The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com. In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer's domain name.
GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.
A research team found that thousands of websites were tricking users into entering credit card information by spoofing trustworthy sites.
Godaddy.com, the world's largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But...
A bomb threat spam campaign that hit North America last month may have been engineered using a flaw in GoDaddy’s domain management process, it was revealed this week.