According to KrebsOnSecurity, malicious actors managed to trick a limited number of GoDaddy employees into handing over control or ownership of web domains belonging to several cryptocurrency sites by using a social engineering scam.
One of the victims, cryptocurrency trading platform liquid.com, noted that the attackers acquired the ability to change DNS records and, as a result, gain control of a number of internal email accounts. Internal document storage was also compromised. Cryptocurrency mining service NiceHash is another platform to have confirmed an attack.
- Our list of the best bitcoin wallets
- And here's our roundup of the best endpoint protection
- Also, here's our list of the best bitcoin exchanges
Apart from those two firms, domain alteration records suggest that Bibox, Celsius and Wirex may also have been targeted, but none of those platforms have confirmed or denied the reports. In response to the attacks, GoDaddy said that it reverted any changes, locked down the affected accounts and immediately began worked on restoring access for any disrupted customers.
The latest incident will provide further disappointment at GoDaddy, which has experienced a bad year in terms of security problems. Back in May 2020, for example, the company disclosed that 28,000 of its customers’ web hosting accounts had been compromised. And in March 2020, the company was the victim of a voice phishing, or vishing, campaign that put key customer records at risk.
It is not clear how GoDaddy employees were tricked this time round, but vishing campaigns can prove surprisingly effective, particularly when attackers adopt the role of IT personnel attempting to fix technical problems.
In addition, the coronavirus pandemic has made it more difficult for companies to safeguard against phishing attacks, with more members of staff working remotely. This makes it more difficult to verify information requests – something that attackers have been quick to pounce upon.
- Also check out the best mining laptops around