Data security course specialists from KrebsOnSecurity firm revealed a recent phishing attack that tricked a customer service employee from GoDaddy.com, the world’s leading domain name registration provider.
Through this attack, threat actors managed to access and modify customer records, changing the domain settings of at least a dozen clients on the platform, including the popular escrow.com trading site, whose interface was modified to display an out-of-context message.
Data security course specialist Elliot Silver was informed on this unusual activity through a statement from Matt Barrie, CEO of the transaction platform: “During the attack, malicious hackers modified the DNS records of escrow.com to point to a web server controlled by unidentified third parties”.
By performing a reverse DNS lookup at address 18.104.22.168, researchers discovered that it is linked to less than a dozen domains, including a domain registered just 12 days ago that invokes the escrow.com registrar name: servicenow-godaddy.com. When you upload that domain to a browser, the same text that appeared Monday night in escrow.com is revealed, data security course experts detailed.
Everything indicated that someone had been the victim of a phishing attack, as the platform executives ensured that the hackers were able to access messages and notes backed up in their GoDaddy account, which only the company’s employees could have accessed.
The researchers later discovered that threat actors had access to this sensitive information, which they used to deceive GoDaddy staff into making the desired changes.
GoDaddy acknowledged that on March 30, they received an alert related to a security incident involving a customer’s domain name. An investigation revealed that one GoDaddy employee was the victim of a phishing attack and that five other accounts may have been compromised, although their names were not revealed.
While there is no way to prevent a 100% phishing attack, the International Institute of Cyber Security (IICS) notes that there are some methods to identify and prevent such attacks, such as two-factor authentication (2FA), password reset and user awareness.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.