In the past couple of weeks, hackers have redirected web traffic and emails meant for multiple cryptocurrency service providers. In the process, they have severely compromised and jeopardized these crypto trading companies. As per KrebsOnSecurity, this cyberattack was done by targeting the GoDaddy employees.
GoDaddy employees are one of the largest domains for name registration in the entire world. The hackers tricked the employees into handing over control of their domains. This is not the first time GoDaddy employees have been the target of such attacks. Last March, fraudsters used similar tactics to gain control of several big domains as well. Escrow.com was one of the victims of that attack.
Last May, GoDaddy had revealed that around 28,000 people’s security had been compromised after the cyberattack that happened in October last year. The attack went undiscovered till April this year. The latest cyberattack has been targeted on liquid.com, a cryptocurrency service provider. Authorities say that the campaign began around 13th November this year.
Liquid CEO Speaks Out About The Latest GoDaddy Employees Kerfuffle
Mike Kayamori, the CEO of Liquid, recently released a statement confirming that their domain has been compromised after hackers used Godaddy employees to take control over liquid.com. He also said that their internal DNA records and email accounts have been infected. Additionally, their infrastructure and document storage has also been partially compromised.
On 18th November, NiceHash, another cryptocurrency service provider, noticed that their domain settings on GoDaddy had been changed without their authorization. They also discovered that their web traffic and emails were redirected. The company, then, temporarily froze its funds. At the moment, their settings are back to their original form.
NiceHash released a statement saying that none of their customers’ data, passwords, or emails were accessed. However, they have suggested everyone reset their passwords. This cyberattack is also a part of the trend, where fraudsters use GoDaddy employees to fraudulently take over control of other domains.
NiceHash Saved Their Personal Data From The Fraudsters
Matjaz Skorjanc, the founder of NiceHash told social media that the hackers tried to access their email passwords and change settings for third-party service providers. Some of those providers are Github and Slack. Additionally, he also said that GoDaddy was unresponsive because the hackers had also deactivated all their email and phone systems. Fortunately, NiceHash could identify the cyberattack immediately and stop it from doing any real damage. He also said that hackers could not steal any important data from them.
As of now, experts believe that several other cryptocurrency service providers have been affected by this cyberattack done through Godaddy employees. Some of them are Wirex.app, Celsius.network, and Bibox.com. These companies are still to comment on the issue.