Security researcher KrebsOnSecurity reported yesterday that several cryptocurrency platforms hosting the popular hosting provider Godaddy have been attacked in the past week.
According to KrebsOnSecurity, the attacks began around November 13 on the trading platform Liquid.com cryptocurrency.
Liquid CEO Mike Kayamori stated that GoDaddy incorrectly transferred control of the account and domain to an attacker.
Kayamori added that the attack allowed the attacker to modify DNS records and thus hijack a number of internal email accounts. In addition, the attacker could partially compromise the Liquid.com infrastructure and gain access to document storage.
The other victim was the cryptocurrency mining service NiceHash, which discovered on November 18 that some settings in GoDaddy’s domain registration records had been altered without permission, and redirected short emails and website traffic.
NiceHash will immediately freeze all customer funds for 24 hours to prevent malicious users from transferring money and to ensure that they have restored their original domain names. The company advised its customers to change passwords and enable 2FA protection.
Social technology, in which an attacker imitates users to deceive officials, has proven to be a popular tool for criminals who want to steal cryptocurrencies. As Cointelegraph previously reported, Twitter was also hacked as attackers were able to gain control over important user descriptions such as Barack Obama’s request and Bitcoin through social media.