The attackers used social engineering to defraud the GoDaddy staff.
Yesterday, security researcher KrebsOnSecurity reported that several cryptocurrency platforms hosted by popular hosting provider Godaddy have been attacked over the past week.
According to KrebsOnSecurity, the attacks began on or around November 13th on cryptocurrency trading platform liquid.com.
Liquid CEO Mike Kayamori said GoDaddy incorrectly transferred control of the account and domain to a malicious actor.
Kayamori added that the move allowed a malicious actor to change DNS records and thus, take control of a number of internal email accounts. Additionally, a malicious actor was able to partially penetrate the liquid.com infrastructure and gain access to document storage.
The second victim was cryptocurrency mining service NiceHash, which on November 18 discovered that some of the settings for its domain registration records at GoDaddy were changed without authorization, briefly redirecting email and web traffic for the site.
NiceHash immediately froze all customers’ funds for 24 hours to prevent the attackers from transferring funds as well as to verify that they had restored their original domain settings. The company advised its clients to change their passwords and activate 2FA security.
Social engineering, where an attacker impersonates users to defraud administrators, has proven to be a popular tool for criminals looking to pilfer crypto riches. As Cointelegraph has previously reported, a Twitter hack where attackers gained control of top user handles such as Barack Obama and solicited Bitcoin, was also executed with social engineering.
[…]
Learn more
The Tulip Prize [1] was awarded yesterday to François Villeroy de Galhau for a speech…
Senator Elizabeth Warren, supported by other senators, today introduced a bill titled the “Digital Asset…
President Volodymyr Zelensky today signed the “virtual assets” law adopted by the Ukrainian parliament on…
Joe Biden today signed an executive order asking the federal government to assess the risks…
After the implementation of the Ethereum blockchain in the consensus Proof-of-Stake model called “Beacon Chain”,…
It hung in the face of investors, this correction. And if the movements of Bitcoin…
Leave a Comment