Are GoDaddy technicians the victim of a vishing attack?

Are GoDaddy technicians the victim of a vishing attack?
Over the weekend, GoDaddy confirmed that it was involved in an operation that saw some of its employees victims of a scam that prompted them to reassign the management of several domains, putting them in the hands of cybercriminals. The sites in question would all be linked to cryptocurrency services such as Bitcoin.

GoDaddy confirms the security incident

The bad guys got in touch with the registrar's technical support and convinced those on the other end of the belong to the IT sector communications companies targeted outlets, finishing with getting assign access rights to stretch your hands on the address management, on e-mail boxes connected, on the stored database, etc. . On November 13, the operation successfully led to the compromise of Liquid, while in the following days the same fell to NiceHash. Probable (but unconfirmed) the interest also Bibox, Celsius and Wirex.
A company spokesman said that "a limited number" of domains assigned to customers has changed since that "few" employees GoDaddy got caught in a social engineering trap, adding the following.

Our security team has investigated and confirmed the activity of malicious actors, including social engineering which targeted a limited number of GoDaddy employees .

At the moment it is not known with certainty which technique is used, but it could be vishing, a form of phishing implemented via telephone call instead of email. The need to operate remotely in times of health crisis could be a risk factor exposing technical personnel to this type of attack.

This is not the first security incident for society in 2020: in the month of May confirmed a data breach involving approximately 28,000 customers.

Source: Krebs on Security
Powered by Blogger.