Have you been sending your customers to malicious websites? A 3-year breach of GoDaddy just revealed.
Are you a GoDaddy customer? You will want to read on. In a filing with the SEC, GoDaddy reported a third breach in 3 years. In this latest attack, the malware was installed on GoDaddy’s cPanel and used to “intermittently redirect random customer websites to malicious sites.” The company also revealed that the hackers’ goal was to infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities. GoDaddy is currently investigating the breach and working with law enforcement to identify the hackers responsible for the attack.
Unfortunately, this is not the first time GoDaddy has fallen victim to a security breach. In an SEC filing, the company revealed that it believes the same hacker group responsible for the recent breach was also responsible for a breach in March 2020. During that breach, the hackers stole the login credentials of 28,000 customers and some of GoDaddy’s staff. Then, in November 2021, the hackers used a stolen password to compromise 1.2 million customers’ WordPress instances, gaining access to email addresses, usernames, passwords, and, in some cases, their websites’ SSL private keys.
What can I do?
Check your website and the GoDaddy dashboard. GoDaddy’s help page has some recommendations on keeping your website protected and directions on restoring your website from a backup. However, keep in mind this breach was caused from within GoDaddy’s cPanel, so you may want to consider moving away altogether to keep yourself protected.
How can Triple Source Technologies help?
Let Triple Source Technologies make sense of all this for you and help guide you in the best next steps to make sure your organization and your customers are protected. Triple Source Technologies also offers no-cost assessments on your current technology and IT environment to give you peace of mind that your organization is protected. Let TST monitor all these breaches so you don’t have to.
References
- https://www.scmagazine.com/news/breach/godaddy-blasted-breach
- https://www.bleepingcomputer.com/news/security/godaddy-hackers-stole-source-code-installed-malware-in-multi-year-breach/
- https://www.wired.com/story/godaddy-hacked-3-years/
- SEC Filing of Breach https://d18rn0p25nwr6d.cloudfront.net/CIK-0001609711/e4736ddb-b4c7-485b-a8fc-1827691692c9.pdf
- https://www.godaddy.com/help/my-website-was-hacked-what-should-i-do-19945