A cryptocurrency-based cyberattack has made its way into the offices of GoDaddy, a web domain provider. The big clincher is that the company’s own employees were used to do the job.
GoDaddy Compromised; Crypto Site Traffic Misdirected
2020 has been the year of many things when it comes to crypto. It’s been the year of a mega bull run in the middle of a widespread pandemic. It’s been the year for institutions getting involved in bitcoin, but it’s also been the year of cyberattacks in many ways. There have been so many attempts at crypto theft – some of which have been rather successful – that it really causes one to think about security and wonder why things haven’t improved enough since the days of Mt. Gox and Coincheck.
One of the big ones this year occurred through Twitter. A hacker took over the accounts of several high-profile individuals – including former president Barack Obama, his vice president Joe Biden, Microsoft mogul Bill Gates and Tesla and SpaceX CEO Elon Musk – and sent messages to their followers about sending bitcoin to anonymous addresses so they could have their donations doubled.
However, this isn’t exactly what happened. Rather, the hacker made off with about $121,000 in BTC funds, which, in the long run, isn’t a big number, but it goes to show just how dangerous the digital world has become, considering how many big accounts were compromised.
Another incident occurred just last month that saw many hackers briefly gain control of President Donald Trump’s reelection site. Posting a fake message to the campaign homepage, the actors claimed that by sending Monero – a privacy-focused cryptocurrency – to an included address, individuals would gain access to information not yet released by the media. It didn’t take long for Trump’s legal team to get involved and prevent further trouble.
The hacker victimizing GoDaddy engineered a rather complex scam that caused many employees to inadvertently change email and registration records. In addition, they were led to redirect traffic for certain crypto exchanges, which may have given the malicious actor control over the firms in question.
Only Technical Glitches?
The crypto exchanges that were compromised include Nice Hash and Liquid.com, though many other platforms are feared affected at the time of writing. Liquid CEO Mike Kayamori commented in a recent blog post that a security incident may have occurred on November 13. He writes:
This gave the actor the ability to change DNS records and, in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure and gain access to document storage.
While Liquid has come out with a statement regarding the cyberattack, Nice Hash is instead claiming that technical issues occurred with GoDaddy that caused the changes in its domain settings.