HackDig : Dig high-quality web security articles for hackers

GoDaddy apologized for insensitive phishing email sent to its employees offering a fake bonus

GoDaddy made the headlines for an initiative that is dividing cybersecurity community, it sent phishing messages offering bonuses to its employees. GoDaddy sent an email to its employee that promised a Christmas bonus to help them to face economic problems caused by the ongoing COVID-19 pandemic. The web provider apologized Thursday for the cyber sec
Publish At:2020-12-26 16:00 | Read:319 | Comments:0 | Tags:Breaking News Hacking Security GoDaddy phishing

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texa
Publish At:2020-12-16 16:06 | Read:218 | Comments:0 | Tags:Data Breaches FireEye GoDaddy microsoft Orion RedDrip Team S

Crooks social-engineered GoDaddy staff to take over crypto-biz domains

Crooks were able to trick GoDaddy staff into handing over control of crypto-biz domain names in a classic DNS hijacking attack. Crooks were able to hijack traffic and email to various cryptocurrency-related websites as a result of a DNS hijacking attack on domains managed by GoDaddy. The threat actors were able to modify DNS settings by tricking GoDaddy e
Publish At:2020-11-24 07:54 | Read:253 | Comments:0 | Tags:Breaking News Cyber Crime Digital ID Hacking DNS hijacking G

GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident is the latest incursion at GoDaddy that relied on tricking employees into transf
Publish At:2020-11-21 15:30 | Read:353 | Comments:0 | Tags:A Little Sunshine Web Fraud 2.0 Bibox Celcius.network Dan Ra

Experts shut down tens of thousands of subdomains set up with a domain shadowing campaign

Experts killed tens of thousands of subdomains used by crooks to host the RIG Exploit Kit that were set up with a domain shadowing campaign. GoDaddy and RSA Security, with the support of other security companies and researchers, have shut down tens of thousands of illegally established subdomains used by crooks to host the RIG Exploit Kit. The RIG exploit ki
Publish At:2017-06-06 09:55 | Read:4472 | Comments:0 | Tags:Breaking News Cyber Crime Malware Cybercrime Domain Shadowin

GoDaddy accounts compromised to run a campaign based on Angler kit

Experts at Cisco discovered a new technique dubbed Domain Shadowing consisting in the creation of thousand subdomains used to spread the Angler exploit kit Cyber criminals have used hundreds of legitimate domain name accounts registered through GoDaddy to run a malicious campaign using the popular Angler exploit kit. Crooks ha
Publish At:2015-03-04 17:30 | Read:4378 | Comments:0 | Tags:Breaking News Cyber Crime Malware Angler CISCO Cybercrime Do

GoDaddy Vulnerability Allows Domain Hijacking

An Internet domain registrar and web hosting company GoDaddy has patched a Cross-Site Request Forgery (CSRF or XSRF) vulnerability that allowed hackers and malicious actors to hijack websites registered with the domain registration company.The vulnerability was reported to GoDaddy on Saturday by Dylan Saccomanni, a web application security researcher and pen
Publish At:2015-01-21 17:11 | Read:5131 | Comments:0 | Tags:Cross-site request forgery CSRF dedicated server hosting DNS

GoDaddy fixed a CSRF flaw that allows Domain takeover

A security expert discovered a cross-site request forgery (CSRF) flaw to take over domains registered with GoDaddy, the company has already fixed it. The security engineer Dylan Saccomanni discovered a critical cross-site request forgery (CSRF) vulnerability in GoDaddy domain management console that could be exploited by attac
Publish At:2015-01-21 02:10 | Read:7983 | Comments:0 | Tags:Hacking CSRF DNS GoDaddy Csrf

CSRF Vulnerability Patched in GoDaddy Domain Settings

Domain registrar GoDaddy yesterday patched a cross-site request forgery vulnerability that could have allowed an attacker to change domain settings on a site registered with GoDaddy.The flaw was reported on Saturday and patched within 48 hours, according to Dylan Saccomanni, a web application security researcher and penetration testing consultant in New York
Publish At:2015-01-21 01:30 | Read:3328 | Comments:0 | Tags:Vulnerabilities Web Security Cross-site request forgery CSRF

New Phishing Emails Descend On GoDaddy Customers

This month, several new phishing emails have been targeting customers of the popular web hosting service and Internet domain registrar GoDaddy.The attacks began on December 3 when a GoDaddy user spotted a phishing email that plays on the verification requirements of the Internet Corporation for Assigned Names and Numbers (ICANN) in an attempt to trick custom
Publish At:2014-12-12 15:25 | Read:4573 | Comments:0 | Tags:Latest Security News email GoDaddy Phishing

Targeted Phishing Against GoDaddy Customers

I do get a lot of phishing emails, we all do, but as security professionals we tend to recognize them immediately. Either the syntax is wrong, or it’s missing a name. When you get them from a bank you don’t even deal with that’s a pretty good clue. However, when the phishing is well done and targeted, the game changes. Today, I received one
Publish At:2014-12-11 22:55 | Read:5207 | Comments:0 | Tags:Website Security godaddy phishing

IIS, Compromised GoDaddy Servers, and Cyber Monday Spam

While doing an analysis of one black-hat SEO doorway on a hacked site, I noticed that it linked to many similar doorways on other websites, and all those websites were on IIS servers. When I see these patterns, I try to dig deeper and figure out what else those websites have in common. This time I revealed quite a few GoDaddy Windows servers have been pwned
Publish At:2014-12-08 07:40 | Read:4650 | Comments:1 | Tags:Learn Webserver Infections Website Spam Cyber Monday godaddy

Tools

Tag Cloud