GoDaddy Targeted in Multiple Attacks

[chris]

This article makes for good reading. It highlights the importance of domain management, and the role of registries and registrars on infrastructure (see the comments too). It also offers some good suggestions on tightening up your own processes.

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 2019 that wasn’t discovered until April 2020.

This latest campaign appears to have begun on or around Nov. 13, with an attack on cryptocurrency trading platform liquid.com.

Does anyone have any recommendations on which registrars with a solid security track record, or preferred list of security features?

You can read the full article here:

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services – Krebs on Security

krebsonsecurity.com