Hackers target cryptocurrency platforms hosted on GoDaddy

Unknown hackers duped employees of the GoDaddy hosting provider and gained control of the domains of several cryptocurrency platforms. The attacks began on November 13, according to KrebsOnSecurity.

The first to be affected was the cryptocurrency exchange Liquid. The hosting provider handed control of the account and the domain to the attacker. The attacker altered DNS records and took control of a number of internal email accounts.

Liquid CEO Mike Kayamori noted that the hacker managed to penetrate the platform’s systems partially and gain access to the document storage. The exchange said that assets were not compromised.

The second victim was the cloud-mining service NiceHash: on November 18, specialists detected unauthorized changes to the DNS settings at GoDaddy. As a result, emails and web traffic were redirected for a period of time.

NiceHash froze withdrawals for 24 hours while it verified that the settings had been restored to their original state. The platform advised users to reset passwords and enable two-factor authentication.

Presumably, the victims included cryptocurrency companies Bibox, Celsius and Wirex.

A GoDaddy spokesperson acknowledged a problem with a ‘small number’ of domains. According to him, a limited group of employees was targeted by social engineering fraud.

Earlier, cybersecurity experts reported that in Q3 2020 hackers began to conduct fewer mass ransomware campaigns and more often targeted large companies.

As bitcoin’s price rose from July to September increased the popularity of cryptojacking.

Subscribe to ForkLog news on VK!