Tampa Tech Wire - News and Technology From Around The Bay                  

GoDaddy finds hackers running amok – Nearly 3 years & 3 hacks later

Facebook
Twitter
LinkedIn
Pinterest
Pocket
WhatsApp
The web host says it fell victim to a two-year security breach that saw unknown attackers steal customer and employee login details and seize company source code.
GoDaddy Hacked - Again! | Tampa Tech Wire - News and Tech from Around the bay

GoDaddy, one of the world’s largest web hosting services, said in a filing(Opens in a new window) this week that it fell victim to a two-year security breach that saw unknown attackers steal customer and employee login details and seize company source code. 

In the Securities and Exchange Commission filing, the company said the attackers also installed malware that redirected customer websites to malicious sites. The attackers were allegedly responsible for three security breaches between 2020 and 2022.

GoDaddy, which has over 20 million customers, said its investigations into the breaches are ongoing and that it so far believes the incidents “are part of a multi-year campaign by a sophisticated threat actor group.” 

The company said in the filing that the group “installed malware on our systems and obtained pieces of code related to some services within GoDaddy…among other things.” 

As Ars Techinca notes, the most recent attack happened in December 2022, when the threat actors reportedly gained access to the hosting servers used by GoDaddy customers to manage their websites, and installed malware on them. That malware, GoDaddy said, “intermittently redirected random customer websites to malicious sites.”

In a statement posted Thursday, officials from GoDaddy said that the threat actors’ goal is to “infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.”

Latest IT Security

Xerox confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach.

January 3, 2024

Xerox Business Solutions experienced a data breach which was limited to Xerox...

New DLL Search Order Hijacking Technique Targets WinSxS Folder

January 3, 2024

Attackers can abuse a new DLL search order hijacking technique to execute...

Laptop with Black Hat Hacker behind padlock

Alert from Microsoft: Fraudulent Skills Assessment Sites Targeting IT Job Seekers

November 12, 2023

Sapphire Sleet's LinkedIn attacks escalate. Malicious domains and recruiting lure tactics.

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

Two PHP Object Injection Vulnerabilities Fixed in Essential Blocks

September 19, 2023

On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible...

In March 2020, the group gained login credentials that enabled it to access a “small number” of employee accounts, as well as the hosting accounts of around 28,000 customers. The customers, none of whose main GoDaddy accounts were breached, were notified in May 2020. 

A third breach, in November 2021, saw the use a stolen password to compromise 1.2 million customers’ WordPress instances, getting access to email addresses, usernames, passwords, and, in some cases, their websites’ SSL private keys. “Based on our investigation, we believe these incidents are part of a multiyear campaign by a sophisticated threat actor group,” the filing reads.

“We apologize for any inconvenience this may have caused to any of our customers or visitors to their websites,” the company said in a statement. “We are using lessons from this incident to enhance the security of our systems and further protect our customers and their data.”

That apology—and pledge to improve security—would be more reassuring if it weren’t the third time GoDaddy confessed to being breached by the same hacker group in as many years.

Facebook
Twitter
LinkedIn
Pinterest
Pocket
WhatsApp
Your subscription could not be saved. Please try again.
Thanks for subscribing!

Newsletter

Never miss any important news. Subscribe to our newsletter.

Leave a Reply

Your subscription could not be saved. Please try again.
Thanks for subscribing!

Newsletter

Never miss any important news. Subscribe to our newsletter.

Latest Jobs

Recent News

Popular

Blog Subscriber Form