Cybercriminals installed malware on GoDaddy servers in a multi-year breach

GoDaddy also faced security events from 2020 to 2022, which it shared were carried out by the same attacker.
| Photo Credit: Special Arrangement

An unauthorised third party gained access to GoDaddy, a web host, domain registrar and website building platform, servers in its cPanel shared hosting environment and installed malware causing intermittent redirection of customer websites, the platform shared in a blog post.

The breach was first discovered in December 2022 after the platform investigated customer complaints about their sites being used to redirect to random domains.

The company claims that a sophisticated threat actor group, among other things, installed malware on its systems and obtained pieces of code related to some services in the Dec. 2022 attack.

The company also faced security events from 2020 to 2022, which it shared were carried out by the same attacker.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

In March 2020, a threat actor compromised the hosting login credentials of approximately 28,000 hosting users to their hosting accounts as well as the login credentials of a small number of the company’s personnel. In November 2021, using a compromised password, an unauthorised third party accessed the provisioning system in the company’s legacy code which impacted up to 1.2 million active and inactive MWP customers across multiple GoDaddy brands, the company shared in a filing to the Securities and Exchange Commission (SEC).

“To date, these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business or operations”, the company shared.

In April 2022, research by Cybernews discovered hundreds of compromised WordPress sites running malicious phishing adverts, with GoDaddy being hit the worst with 42 infected websites.

GoDaddy currently has 1.5 million paying customers with $4 billion in revenues, according to its latest SEC filing.

https://www.thehindu.com/sci-tech/technology/cybercriminals-installed-malware-on-godaddy-servers-in-a-multi-year-breach/article66535453.ece

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts

10 Best Web Hosting for Small Business: Top Services 2024

Web Host Pro Announces Enhanced Web Hosting Services

Website Hosting Cost Guide 2024 – Forbes Advisor UK

Sharing IP Addresses On Shared Servers Is Normal & Fine For Google Rankings

Pros & Cons – Forbes Advisor Australia

HostBet Cloud Technologies Introduces Cutting-Edge Servers to Revolutionise Shared Hosting Experience