Employees of GoDaddy, the big daddy of domain name registrars, were targeted by a vishing scam late last week.
The employees were tricked into transferring ownership and/or control over targeted domains to the tricksters, as reported by Krebs on Security.
This, however, is not the first instance of such an activity involving GoDaddy employees.
Mike Kayamori, CEO of the cryptocurrency trading platform Liquid.com, said in a blog post: “On the 13th of November 2020, a domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor… We believe the malicious actor was able to obtain personal information from our user database. This may include data such as your email, name, address and encrypted password.”
Liquid.com does not seem to be the only one to have come forward. NiceHash also confirmed the breach in a blog post: “In the early morning (UTC) hours of November 18, 2020, the NiceHash domain was not reachable. The domain registrar GoDaddy had technical issues and as a result of unauthorized access to the domain settings, the DNS records for the NiceHash.com domain were changed.”
Multiple reports state that several other cryptocurrency trading platforms, such as Bibox.com, Celsius.network, and Wirex.app, were also targeted by the same group. However, there has been no official comment from these platforms.
Though these attacks are rampant, there are several ways to mitigate them, a few of which are listed below:
- Restrict VPN connections to only managed devices
- Restrict VPN access hours
- Improve 2FA and OTP authentication
- Bookmark the correct corporate VPN
- Verify web-links before clicking on them
- Do not easily trust phone calls and emails from unknown sources
- Evaluate your security settings