• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
godaddy discloses multi year security breach causing malware installations and source

GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft

You are here: Home / General Cyber Security News / GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
February 18, 2023

Web hosting services service provider GoDaddy on Friday disclosed a multi-year security breach that enabled not known risk actors to install malware and siphon resource code relevant to some of its services.

The business attributed the campaign to a “advanced and structured group focusing on hosting solutions.”

GoDaddy stated in December 2022, it been given an unspecified amount of client problems about their sites having sporadically redirected to destructive sites, which it afterwards uncovered was because of to the unauthorized 3rd party getting accessibility to servers hosted in its cPanel setting.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The risk actor “put in malware triggering the intermittent redirection of buyer internet websites,” the enterprise said.

The greatest aim of the intrusions, GoDaddy mentioned, is to “infect websites and servers with malware for phishing strategies, malware distribution, and other destructive activities.”

In a relevant 10-K submitting with the U.S. Securities and Trade Commission (SEC), the business claimed the December 2022 incident is related to two other security activities it encountered in March 2020 and November 2021.

The 2020 breach entailed the compromise of hosting login qualifications of about 28,000 hosting shoppers and a modest quantity of its staff.

Then in 2021, GoDaddy said a rogue actor made use of a compromised password to obtain a provisioning method in its legacy code foundation for Managed WordPress (MWP), impacting shut to 1.2 million active and inactive MWP consumers across various GoDaddy models.

Located this write-up attention-grabbing? Observe us on Twitter  and LinkedIn to study extra distinctive material we put up.


Some components of this posting are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos
Next Post: Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only twitter limits sms based 2 factor authentication to blue subscribers only»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Free decryptor released for Conti ransomware variant infecting hundreds of organisations
  • Bitwarden to release fix for four-year-old vulnerability
  • THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
  • New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
  • A New Security Category Addresses Web-borne Threats
  • ICO Reprimands Metropolitan Police for Data Snafu
  • Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
  • Russian Military Preparing New Destructive Attacks: Microsoft
  • Podcast transcript: The changing face of cyber warfare
  • Vishing Campaign Targets Social Security Administration

Copyright © TheCyberSecurity.News, All Rights Reserved.