GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Brian Krebs reports:

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

[…]

This latest campaign appears to have begun on or around Nov. 13, with an attack on cryptocurrency trading platform liquid.com.

“A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Mike Kayamori said in a blog post. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”

Read more on KrebsonSecurity.com

About the author: Dissent

Has one comment to “GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services”

You can leave a reply or Trackback this post.
  1. Buttler - November 30, 2020

    I wouldn’t characterize using a phone to dupe lazy, ignorant employees in companies that have no strict policies and procedures as “increasingly sophisticated and aggressive” attacks.

Comments are closed.