Godaddy Employees Tricked into Handing Control Cryptocurrency Domains to Hackers

Employees of GoDaddy, the big daddy of domain name registrars, were target by a vishing scam late last week.

And this is exactly what happened to employees of GoDaddy. The employees were tricked into transferring ownership and/or control over targeted domains to the tricksters, reported by Krebs on Security.

This, however is not the first instance of such an activity involving GoDaddy employees. 

In March this year, the employees were tricked into allowing the attackers to take control of multiple domain names, and 28000 customers’ credentials were breached. You can read more about this here

Liquid.com’s, a cryptocurrency trading platform, CEO Mike Kayamori said in a blog post “On the 13th of November 2020, a domain hosting provider “GoDaddy” that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor…….We believe the malicious actor was able to obtain personal information from our user database.  This may include data such as your email, name, address and encrypted password”.

Liquid.com does not seem to be the only one that has come out. Nicehash too in a blog post confirmed the breach, “In the early morning (UTC) hours of November 18, 2020, the NiceHash domain was not reachable. The domain registrar GoDaddy had technical issues and as a result of unauthorized access to the domain settings, the DNS records for the NiceHash.com domain were changed“.

Several reports state that several other cryptocurrency trading platforms such as Bibox.com, Celsius.network, and Wirex.app were also targeted by the same group. However, there is no official comment from these platforms.

Though these attacks are rampant, there are several ways to mitigate these attacks, few of which are listed below:

1. Restrict VPN connections to only managed devices
2. Restrict VPN access hours
3. Improve 2FA and OTP authentication
4. Bookmark the correct corporate VPN
5. Verify web-links before clicking on them
6. Do not easily trust phone calls and emails from unknown sources
7. Evaluate your security settings

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Also Read:

Magento Warns Users to Apply Security Updates to Fix Critical RCE, XSS & Other Vulnerabilities

Beware!! Hackers Hide Web Skimmer Stealer within EXIF Metadata to Steal Credit card Data

MageCart Hackers Steals Customer Credit Card Data from E-commerce Site Using Web Skimmer