U.S. Markets closed
  • S&P 500

    3,638.35
    +8.70 (+0.24%)
     
  • Dow 30

    29,910.37
    +37.90 (+0.13%)
     
  • Nasdaq

    12,205.85
    +111.44 (+0.92%)
     
  • Russell 2000

    1,855.27
    +10.25 (+0.56%)
     
  • Crude Oil

    45.53
    -0.18 (-0.39%)
     
  • Gold

    1,788.10
    -23.10 (-1.28%)
     
  • Silver

    22.64
    -0.81 (-3.44%)
     
  • EUR/USD

    1.1970
    +0.0057 (+0.4788%)
     
  • 10-Yr Bond

    0.8420
    -0.0360 (-4.10%)
     
  • Vix

    20.84
    -0.41 (-1.93%)
     
  • GBP/USD

    1.3314
    -0.0042 (-0.3169%)
     
  • USD/JPY

    104.0850
    -0.1650 (-0.1583%)
     
  • BTC-USD

    18,131.39
    +363.33 (+2.04%)
     
  • CMC Crypto 200

    333.27
    -4.23 (-1.25%)
     
  • FTSE 100

    6,367.58
    +4.65 (+0.07%)
     
  • Nikkei 225

    26,644.71
    +107.40 (+0.40%)
     

GoDaddy Employees Tricked Into Transferring Control of Crypto Firm Domains: Report

Kevin Reynolds
·1 min read

Cryptocurrency trading platform liquid.com and crypto mining firm NiceHash were two of at least six firms that had control of their domains briefly transferred to malicious actors last week after employees at GoDaddy, the world’s largest domain registrar, were again tricked by fraudsters, KrebsOnSecurity reported.

  • It wasn’t immediately clear if any of the attacks resulted in a loss of funds.

  • The attacks are similar to the July assault on Twitter in which that firm’s employees were tricked using social engineering to giving access to the company’s administrative tools, thus allowing the hackers to control about 130 high-profile accounts.

  • Liquid CEO Mike Kayamori confirmed the latest breach in a blog post. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage,” the CEO said.

  • NiceHash also confirmed it had been subject to a similar attack, but that no emails, passwords or personal data were compromised.

  • The incursions may have also affected cryptocurrency platforms Bibox.com, Celsius.network and Wirex.app, according to the report, which said none of those companies responded to comment.

  • GoDaddy acknowledged to KrebsOnSecurity that “a small number” of domain names had been modified after a “limited” number of the firms employees fell for a social engineering scam. The company declined to say how its employees were tricked.

  • The attacks follow similar incursions at GoDaddy, including one in March in which a voice phishing scam tricked GoDaddy support employees, allowing malicious actors to take control of at least six domain names, KrebsOnSecurity said.

Related Stories