Hackers attacked cryptocurrency platforms hosted by GoDaddy


Unknown hackers deceived the employees of the hosting provider GoDaddy and gained control over the domains of several cryptocurrency platforms. The attacks began on November 13, KrebsOnSecurity writes.

The Liquid cryptocurrency exchange was the first to suffer. The hosting provider transferred control of the account and domain to the attacker. He changed DNS records and took control of a number of internal email accounts.

Liquid CEO Mike Kayamori noted that the hacker managed to partially penetrate the platform’s system and gain access to the document repository. The exchange stated that the assets were not compromised.

The second victim was the NiceHash cloud mining service: on November 18, experts discovered an unauthorized change in DNS settings in GoDaddy. For this reason, emails and web traffic have been diverted for some time.

NiceHash froze the withdrawal of funds for 24 hours until it was sure that the settings were returned to their original state. The platform recommended that users reset passwords and the two-factor authentication method.

Presumably, the victims of the attack were the cryptocurrency companies Bibox, Celsius and Wirex.

A representative of the hosting provider acknowledged the problem with a “small number” of domains. According to him, a limited number of employees have become victims of fraud using social engineering methods.

Earlier, cybersecurity experts reported that in the third quarter of 2020, hackers began to carry out mass attacks using encryption viruses less often and attack large companies more often.