Employees of the domain registrar GoDaddy fell victim to social engineering. They gave attackers access to cryptocurrency platforms.
GoDaddy confirmed that some of its employees have fallen for a social engineering scam. Due to the captured data, hackers have taken over the email and DNS records for a number of crypto trading platforms.
According to a report by Krebs on Security, GoDaddy had “a break-in where hackers tricked employees into transferring ownership and / or control of certain domains to them.” This social engineering targeted the Liquid.com domain name owned by a cryptocurrency company called Liquid. NiceHash was also affected. Both confirmed the attacks. According to Krebs, other cryptocurrency platforms such as Bibox.com, Celsius.network and Wirex.app could also be affected. However, these were not expressed.
Mike Kayamori, Liquid CEO reports on the “security incident” with the company’s domain name.
“On November 13, 2020, a domain hosting provider, GoDaddy, who manages one of our core domain names, mistakenly transferred control of the account and domain to a malicious actor. This gave the hacker the ability to change DNS records and take control of a number of internal email accounts.
In due course, the malicious attacker was able to partially endanger our infrastructure and gain access to the document storage. […] “We took immediate action to prevent further interference and reduce the risk to customer accounts and assets. We have also informed the responsible supervisory authorities about the violation. “