April 1, 2023

GoDaddy has disclosed a data breach from December 2022 that allowed unknown third parties to gain access to GoDaddy source code, and they installed malware on the company’s servers.

GoDaddy says it has added security measures to stop a similar attack in the future and is working with law enforcement to stop the bad actors.

Advertisements

Initially, GoDaddy noticed a problem in early December of last year, when a few customer complaints all mentioned that their website had been intermittently redirected.

GoDaddy realized that an unauthorized party had accessed the servers in their cPanel shared hosting environment, and the issue was caused by malware that had been installed by the third-party actor and obtained the source codes related to the services

The December 2022 incident is connected to two other security events it encountered in March 2020 and November 2021.

In 2020, the breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.

Advertisements

In 2021, GoDaddy said that the threat actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress (MWP), affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.

Tags:

Leave a Reply

You may have missed

Cylance Ransomware Dissection

Cylance Ransomware Dissection

April 1, 2023
WordPress Elementor Pro Plugin Vulnerability

WordPress Elementor Pro Plugin Vulnerability

April 1, 2023
QNAP Critical Sudo Vulnerability

QNAP Critical Sudo Vulnerability

March 31, 2023
AlienFox Malware Toolset -SwissArmy Knife

AlienFox Malware Toolset -SwissArmy Knife

March 31, 2023
3CX Application Malvertised

3CX Application Malvertised

March 31, 2023
Microsoft Azure Super FabriXss Bug

Microsoft Azure Super FabriXss Bug

March 31, 2023
%d bloggers like this: