GoDaddy hacked by hackers fond of crypto-currency – Wirex, Celsius and NiceHash targeted

Beware of your cryptos! – GoDaddy is one of the largest web hosting companies and domain name managers. This year, it has been the victim of a series of hacking attacks, the latest of which involved several companies in the cryptomoney sector.

Hijacked cryptos project websites

According to a recent report by cyber security research platform KrebsOnSecurity, hackers attempted to attack several cryptographic platforms hosted by GoDaddy in mid-November.

The exchange Liquid.com is one of the hackers‘ targets. According to Mike Kayamori, CEO of Liquid, on November 13th :

„The domain hosting provider ‚GoDaddy‘, which manages one of our major domain names, mistakenly transferred control of the account and domain to a malicious player (…). This allowed the actor to change DNS records and in turn take control of a number of internal email accounts (…) the malicious actor was able to partially compromise our infrastructure and access document storage.“

The NiceHash site, which specialises in renting computing power for mining cryptomoney, also reported similar problems on 18 November. Some parameters of its domain names at GoDaddy had been „modified without authorisation“, briefly redirecting email and web traffic.

As a security precaution, NiceHash then froze all its customers‘ funds for about 24 hours.

GoDaddy employee accounts compromised

According to KrebsOnSecurity’s research, other cryptoactivity-related project sites could have been targeted, including Bibox.com, Celsius.network, and Wirex.

According to initial information provided by GoDaddy and Bitcoin Secret on the incident, some of its employees were victims of a social engineering scam, such as voice phishing.

„As malicious actors become increasingly sophisticated and aggressive in their attacks, we are constantly training our employees on new tactics that could be used against them and adopting new security measures to prevent future attacks.“

Dan Race, spokesperson for GoDaddy

The hackers would have succeeded in recovering the identifiers of GoDaddy’s employees by trickery over the phone to enter their data on a fake site.

Apart from Liquid and NiceHash, the other cryptos companies did not report how GoDaddy’s failures might have affected them (if at all).

In the crypto-active sector, vigilance must always be the order of the day. For a user of these services, enabling dual authentication (2FA) may already provide an additional security barrier.

About the author