Hackers Gain Control Over Domains of Popular Crypto Services

News
Sun, 11/22/2020 - 10:18
article image
Alex Dovbnya
Fraudsters tricked several GoDaddy employees into handing them control over the domains of popular crypto services earlier this November
Hackers Gain Control Over Domains of Popular Crypto Services
Cover image via stock.adobe.com
Contents

According to a Nov. 21 report by popular cybercrime blog KrebsOnSecurity, the domains of multiple cryptocurrency services have been attacked by hackers who pulled off a successful social engineering attack on web hosting company GoDaddy last week. 

Cryptocurrency exchange Liquid, hash power broker NiceHash, and digital payment platform Wirex and a few other names had their DNS records changed by the fraudsters.

Here’s how hackers pulled this off 

On Nov. 13, multiple GoDaddy employees were deceived into handing control over the domains of the aforementioned cryptocurrency platforms to malicious actors. 

While the details of the successful attack remain unknown, the fraudsters likely relied on voice phishing to dupe their targets. 

Voice phishing (or vishing) is a verbal social engineering scam that aims to steal sensitive information or money from unsuspecting victims. To make GoDaddy staff fall for its tricks, whoever was behind the attack likely used spear-vishing techniques to target specific employees instead of sending scattershot messages.

Liquid claimed that the malicious actor was able to get access to its customers’ personal information in its Nov. 18 blog post

GoDaddy states that it will focus on educating its employees in order to prevent such incidents in the future.     

“As threat actors become increasingly sophisticated and aggressive in their attacks, we are constantly educating employees about new tactics that might be used against them and adopting new security measures to prevent future attacks.”

Related Did KuCoin Actually Find Suspects Behind $281 Mln Hack?
Related
Did KuCoin Actually Find Suspects Behind $281 Mln Hack?

Social engineering attacks on the rise 

While the reputation of the largest domain registrar might have taken another significant hit, it is not alone in its fight against cybercriminals. Social media giant Twitter fell victim to a social engineering attack that made the official accounts of Elon Musk, Bill Gates, and other prominent Twitter personalities promote a Bitcoin scam in mid-July. 

Twitter
Image by wikipedia.org

As reported by U.Today, the Florida teenager who orchestrated the whole thing got arrested by the FBI on July 31.

Last week, Microsoft also issued a warning to the users to the users of its Office 365 suite about an uptick in phishing scams. 

article image
About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.