GoDaddy, the world’s largest domain hosting provider, saw its employees being targeted and used in hack attacks on several crypto platforms.
November 23, 2020 | AtoZ Markets – Unidentified hackers have used the employees of the hosting provider GoDaddy and gained control over the domains of several cryptocurrency platforms. The attacks began on November 13, writes KrebsOnSecurity.
Hackers attack crypto trading platforms hosted by GoDaddy
According to reports, the malicious actors reportedly redirected email and web traffic destined for several crypto trading platforms.
As AtoZ Markets reported, cryptocurrency exchange Liquid was the first to suffer from the user data breach. The hosting provider handed over control of the account and domain to an attacker. As a result, the hacker changed DNS records and took control of a number of internal email accounts.
Liquid CEO Mike Kayamori noted that the hacker managed to partially penetrate the platform system and gain access to the document repository. The exchange, however, said the assets were not compromised.
The second victim was the NiceHash cloud mining service. On November 18, experts discovered an unauthorized change to the DNS settings in GoDaddy. NiceHash froze withdrawals for 24 hours until it was sure that the settings were returned to their original state. The platform encouraged users to reset passwords and the two-factor authentication method.
Presumably, the victims of the attack were the cryptocurrency companies Bibox, Celsius, and Wirex.
A representative of the hosting provider acknowledged the problem with the “small number” of domains. According to him, a limited number of employees have been the victims of social engineering fraud.
Commenting on this issue, a spokesperson said:
“Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees.”
Ransomware attacks on the rise
Ransomware attacks all around the world have increased since crypto adoption has increased globally. For example, the government of Singapore revealed in June that there was a surge in ransomware attacks that occurred in 2019 in the country.
As a reminder, cybersecurity experts reported that in Q3 2020, hackers began to carry out mass attacks using ransomware viruses less and more often to attack large companies.
As a reminder, the largest telecommunications company in Argentina suffered a ransomware hack. The hackers demanded a Monero ransom worth $7.5 million.
Think we missed something? Let us know in the comment section below.