Hackers tricked GoDaddy into helping attacks on cryptocurrency services

Started by sushmi, Nov 24, 2020, 12:30 AM

previous topic - next topic
Go Down

sushmi

Hackers tricked GoDaddy into helping attacks on cryptocurrency services

GoDaddy's 2020 security woes aren't over. KrebsOnSecurity has found that hackers tricked GoDaddy employees into handing ownership or control of multiple cryptocurrency services' web domains, inadvertently aiding attacks that brought sites down. It's not certain how many companies fell victim to the effort, but Liquid.com and NiceHash reported problems within days of each other. Bibox, Celsius and Wirex might also have been among the targets, although they haven't confirmed anything as of this writing.



It's uncertain just how the hackers succeeded, but a successful March campaign against sites like Escrow.com likely relied on "vishing," or voice calls that point targets toward phishing sites meant to harvest account sign-ins. Attackers frequently try to convince staff they're from a company's IT department and just want to resolve technical issues.

A GoDaddy spokesperson confirmed that a "limited number" of staff had fallen victim to "social engineering" attacks that let the intruders make unauthorized changes to domains and accounts. It responded by reverting changes, locking down accounts and helping victims regain access.

This comes roughly a year after a data breach affecting 28,000 hosting accounts and doesn't help with GoDaddy's image. It may have been difficult for the company to void vishing, mind you. GoDaddy has joined many other companies in having staff work remotely during the COVID-19 pandemic. That could make it harder to verify the legitimacy of a caller or website. As such, this might be a problem for many companies, even once it's safe to return to offices.


SOURCE - https://www.engadget.com/godaddy-tricked-into-helping-cryptocurrency-attack-220911454.html

Go Up
 

Quick Reply

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Note: this post will not display until it's been approved by a moderator.
Name:
Email:
Verification:
Please leave this box empty:

Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:

shortcuts: alt+s submit/post or alt+p preview
IT Acumens Web Designing Chennai | GinGly :: Build your Personal Website | CineBuzz :: Cinema News | My Kids Diary :: Kids Memories Writing :: Book Website @ 349 Rs monthly
Copyright 2005 - 2020 :: IT Acumens :: All Rights Reserved. :: Sitemap
ITAcumens Discussion Forum with 2 lakhs post running for 15 years - Powered by IT Acumens Dedicated Server