Hackers attack GoDaddy hosted digital currency platforms

Getting your Trinity Audio player ready...

A number of digital currency platforms hosted by GoDaddy have fallen victim to recent attacks from crypto hackers, according to findings published by a security researcher.

KrebsOnSecurity reported that the popular hosting service has been targeted by a series of attacks beginning on November 13, with the initial attack falling on crypto platform liquid.com.

According to the CEO of Liquid, GoDaddy erroneously transferred control of the domain and the GoDaddy account behind it to a hacker, essentially facilitating the attack, enabling access to secured documents, internal email and DNS records.

The attack was followed by a similar hack of mining service NiceHash, after an unauthorized change in DNS records was identified on November 18. This had the effect of redirecting emails and traffic bound for the site, also hosted by GoDaddy.

In response, NiceHash froze the accounts of all its customers for 24 hours, as well as advising users to update their passwords and turn on 2FA security protection. The company waited for the 24 hour period to ensure original domain settings had been fully restored.

The attacks have deployed tactics known as “social engineering,” where hackers impersonate site administrators to assume control, in order to give themselves access to digital currency platforms and other services.

The same tactics were recently deployed in a hack of leading Twitter usernames, including Barack Obama, in which hackers tweeted solicitations for BTC.

With a series of attacks following this model in short order, questions will now be asked of hosting service providers as to the measures in place to prevent future hacks of this kind from taking place.

A GoDaddy spokesperson said the company took immediate action after the incident came to light.

“A routine audit of account activity identified potential unauthorized changes to a small number of customer domains and/or account information…We immediately locked down the accounts involved in this incident, reverted any changes that took place to accounts, and assisted affected customers with regaining access to their accounts.”

See also: CoinGeek Live presentation on Blockchain Intelligence: Analytics, Forensics & Compliance Tools for Bitcoin SV