Hackers used GoDaddy Employees to Hack Crypto Sites: Liquid and NiceHash

0
210
  • GoDaddy Employees have been fooled by the hackers and the crypto sites Liquid and NiceHash have been hacked.
  • The hackers used a phishing or vishing technique that makes the employees hand over the keys to hack. 

Krebs on security has reported that fraudsters targeted GoDaddy employees by redirecting the mails and traffic for various crypto service providing platforms. They have tricked the employees by saying the transfer of ownership and need for control over the domain. The cryptocurrency trading platforms Liquid and NiceHash have already confirmed the hack. 

What did the Hackers do?

Mike Kayamori, CEO of Liquid, in an official announcement, said that GoDaddy, a domain hosting provider, which manages their domain has incorrectly transferred control of the account to hackers. This made the fraudsters take in control of DNS records and internal email accounts. They also have gained access to important documents. 

NiceHash, a digital asset mining company, in its blog post, reported on November 18 that they figured out some settings were changed without any authorisation from their domain registrar GoDaddy. They immediately froze all the user funds for the next 24 hours until original settings were brought back. In spite of no harm to data, emails and passwords, the company suggested all its users reset their password for security purposes. In fact, they moved a step ahead and asked their customers to complete the 2-factor authentication. 

Matjaz Skorjanc, NiceHash’s founder, said that the hackers tried to gain access to incoming mails to undergo password reset in many third-party services. This includes Slack and Github. He was glad that they found the issue at the earliest possible stage and started to mitigate the issue. Fortunately, they fought them well and didn’t give them access for any important data and confirmed that nothing had been stolen. 

One prominent theory is that the fraudsters have used the phishing or vishing technique, that allows hackers to make phone calls and fool the employees to hand over the control of the domain. Previously in March, GoDaddy was again a victim, where several domains were hacked and brought in control of the attacker.

Being one of the largest domain registrars, GoDaddy falling as victims for such simple dishonest calls is not acceptable. This clearly proves us the importance of 2 – factor authentication, which acts as utmost security for the users. 

Join The Coin Republic’s Telegram Channel for more information related to CRYPTOCURRENCY NEWS and predication. 

How useful was this post?

Click on a thumb to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

LEAVE A REPLY

Please enter your comment!
Please enter your name here