This month, GoDaddy, a leading web hosting provider, revealed that it had experienced a major security breach over several years, resulting in the theft of company source code, customer and employee login credentials, and the introduction of malware onto customer websites.
It means that the hackers were able to access and modify certain websites hosted by GoDaddy, in a way that allowed them to install malicious software (malware) onto these websites. This malware could then potentially harm visitors to these sites by stealing their personal information, infecting their devices, or performing other malicious actions.
While much of the media attention has focused on the fact that GoDaddy was targeted by the same group of hackers in three separate attacks. The threat actors typically employ social engineering tactics such as calling employees and luring them to a phishing website.
While reporting the matter to the U.S. Securities and Exchange Commission (SEC) the company said that the same group of hackers was responsible for three separate security breaches, including:
In March 2020, a phishing attack on an employee resulted in compromised login credentials for around 28,000 GoDaddy customers and a few employees.
In November 2021, attackers stole source code and information related to 1.2 million customers by using a compromised GoDaddy password, including website administrator passwords, sFTP credentials, and private SSL keys.
In December 2022, hackers accessed GoDad
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: