• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
godaddy discloses multi year security breach causing malware installations and source

GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft

You are here: Home / General Cyber Security News / GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
February 18, 2023

Web hosting services service provider GoDaddy on Friday disclosed a multi-year security breach that enabled not known risk actors to install malware and siphon resource code relevant to some of its services.

The business attributed the campaign to a “advanced and structured group focusing on hosting solutions.”

GoDaddy stated in December 2022, it been given an unspecified amount of client problems about their sites having sporadically redirected to destructive sites, which it afterwards uncovered was because of to the unauthorized 3rd party getting accessibility to servers hosted in its cPanel setting.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The risk actor “put in malware triggering the intermittent redirection of buyer internet websites,” the enterprise said.

The greatest aim of the intrusions, GoDaddy mentioned, is to “infect websites and servers with malware for phishing strategies, malware distribution, and other destructive activities.”

In a relevant 10-K submitting with the U.S. Securities and Trade Commission (SEC), the business claimed the December 2022 incident is related to two other security activities it encountered in March 2020 and November 2021.

The 2020 breach entailed the compromise of hosting login qualifications of about 28,000 hosting shoppers and a modest quantity of its staff.

Then in 2021, GoDaddy said a rogue actor made use of a compromised password to obtain a provisioning method in its legacy code foundation for Managed WordPress (MWP), impacting shut to 1.2 million active and inactive MWP consumers across various GoDaddy models.

Located this write-up attention-grabbing? Observe us on Twitter  and LinkedIn to study extra distinctive material we put up.


Some components of this posting are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos
Next Post: Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only twitter limits sms based 2 factor authentication to blue subscribers only»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
  • Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
  • Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
  • Beyond Vulnerability Management – Can You CVE What I CVE?
  • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
  • Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
  • 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
  • SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
  • Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware
  • Security Tools Alone Don’t Protect You — Control Effectiveness Does

Copyright © TheCyberSecurity.News, All Rights Reserved.