Hackers Tricked GoDaddy Employees into Helping Attacks on Crypto Services

GoDaddy’s Security challenges in 2020 haven’t ended. KrebsOnSecurity has found that hackers tricked many GoDaddy employees into transferring ownership or control of the web domains of several cryptocurrency services, inadvertently assisting in site shut down attacks. It is not known how many companies have fallen victim to these efforts, but Liquid.com and NiceHash have reported issues within days of each other. Bibox, Celsius, and Wirex could also be among the targets, although they have not confirmed anything at the time of this writing.

Exclusive: Fraudsters changed the email and DNS records for a number of cryptocurrency trading platforms this week, after successfully social engineering employees at GoDaddy, the world's largest domain name registrar. https://t.co/LYCdowb71Q pic.twitter.com/vlbSPsxPwI
— briankrebs (@briankrebs) November 21, 2020

It is unclear how the hackers succeeded, but the successful March campaign against sites like Escrow.com likely relied on Vishing, or voice calls aimed at phishing sites designed to harvest account logins. Attackers often try to convince employees that they are from the company’s IT department and simply want to solve technical problems.

A GoDaddy spokesman confirmed that “a limited number of employees” have been the victim of “social engineering” attacks that allow attackers to make unauthorized changes to domains and accounts. In response, he canceled the changes, blocked accounts, and helped the victims regain access.

This happened about a year after a data breach affecting 28,000 hosting accounts and didn’t help with GoDaddy’s image. Please be aware that it may have been difficult for the company to cancel the vishing. GoDaddy has joined many other companies to keep employees working remotely during the COVID-19 pandemic. This can make it difficult to verify the legitimacy of the caller or website. Thus, it can become a problem for many companies, even if it is safe to return to the offices.

Author
Recent Posts

Follow me

Johnny McKinsey

Founder of onlinetoolsexpert.com, I'm a website hosting enthusiast and your number one resource for information about getting your business online. I'm undertaking in-depth research and come up with valuable content to help you with your online presence at all levels.

My website is hosted on DreamHost which I really like due to its stability and helpful support. Furthermore, their servers are extremely reliable, secure and fast, I don't remember when the last time we had a server downtime. If you sourcing for a great hosting service, go grab it.

Follow me

Latest posts by Johnny McKinsey (see all)