GoDaddy employees targeted in recent cryptocurrency service scandal

In a recent cryptocurrency service scandal, fraudsters targeted employees at GoDaddy, one of the largest web hosting and domain registration providers.

As part of the scam, the employees were tricked into transferring control of these domains to the fraudsters.

In the latest attack, which started on 13th November this year, malicious actors were able to gain control of liquid.com, a platform for cryptocurrency trading.

At one point in the attack, the perpetrators managed to find their way into the platform’s document storage.

On 18th November, Matjaz Skorjanc, the founder of crypto mining service NiceHash, discovered that something was amiss in the platform’s domain registration records at GoDaddy.

Web and email traffic was being redirected elsewhere, which resulted in NiceHash deciding to freeze all customer funds for a period of 24 hours to ensure that the settings got changed back to their initial values.

Although it appears that no personal data, passwords or emails were accessed, users were encouraged to turn on 2FA and change their login credentials without delay.

According to Skorjanc, the attackers did not get far as the team at NiceHash was able to fight them off successfully.

Other cryptocurrency platforms such as Celsius.network, Wirex.app and Bibox.com may also have been affected, though nothing is confirmed as of yet.

The fraudsters were able to execute social engineering tactics against a select few of GoDaddy’s employees.

The company responded by locking down the accounts involved in the incident and proceeded to revert them back to their prior state, thus undoing any unauthorised changes.

In its official statement, GoDaddy said that the rightful owners were able to regain access to their accounts.

While certain details of how the fraudsters were able to execute their social engineering attacks still remain unknown, it is clear that the employees were targeted over the phone.