GoDaddy allowed popular crypto domains takeover

 

Source: hackread

GoDaddy one of the most popular go to place for domain hosting is currently under security scrutiny after allowing high profile cryptocurrency domains to be taken over. The report highlights that a social engineering scam carried out on GoDaddy's employees has lead to a transfer of DNS records of highly used cryptocurrency websites to bad actors.

 

• The attack reportedly began on Friday 13th November 2020 targeting the DNS records of liquid.com which according to the blog post by the CEO Mike Kayamori has resulted in the actors not only taking over the traffic to its website but also gaining access to its internal emails, which in turn has been enough to gain access to user data storages.

  • This means that a "malicious actor was able to obtain personal information from our user database.  This may include data such as your email, name, address and encrypted password."

  • The CEO also adds that the company is "continuing to investigate whether the malicious actor also obtained access to personal documents provided for KYC such as ID, selfie and proof of address, and will provide an update once the investigation has concluded"

• Reportedly a cryptocurrency mining website nicehash.com was also affected on 18th of November with its service experiencing downtime "as a result of unauthorized access to the domain settings, the DNS records for the NiceHash.com domain were changed"

  • Although the company does not report on any knowledge of the attackers accessing user data it does suggest its users to reset their password and activate Two Factor Authentication.

• The report also highlights the potential of several other high profile cryptocurrency websites being potentially affected, however with no official disclosures by the following companies at the time of writing: celsius.network, wirex.app & bibox.com

 

Related Reading

• Beware of fake Uniswap applications
• Binance begins a legal action over Forbes defamantion of its business
• More generous Coinmarketcap Learn & Earn campaigns
• Binance begins closure of US customers accounts
• Uniswap site was down because of dependency on Cloudflare, is this really a big problem ?
• Critical Etherum services go down for couple of hours
• Wall Street Trading Firm is accumulating Bitcoins & Alts
• Bitcoin miners best profitability cycle since last halving
• Scam Alert: Ledger SMS
• Ledger phishing emails

 

Ongoing crypto free earn campaigns:

• Earn daily through publish0x by tipping & posting, lbry.tv by watching video & media content and presearch for a non intrusive search engine
• Honeygain & Theta Edge for passive gains through participating in content delivery networks

Other crypto gateways:

Most popular & rewarding exchanges currently include Swissborg, Binance, Coinbase, Celsius & Crypto.com

For industry standard secure hardware wallets consider using Ledger or Trezor to keep your funds safe.

 

This article was originally posted on read.cash

Resources

1. https://krebsonsecurity.com/2020/11/godaddy-employees-used-in-attacks-on-multiple-cryptocurrency-services/
2. https://blog.liquid.com/security-incident-november-13-2020
3. https://www.nicehash.com/blog/post/nicehash-is-back-online-what-happened