KrebsOnSecurity, the popular cybercrime blog, released a report stating that the domains of many cryptocurrency services have been victims of hackers. Just last week, they were able to successfully carry out a social engineering attack on a web hosting company, GoDaddy.
On November 13, hackers tricked many GoDaddy employees into handing over control of the cryptocurrency platform, as mentioned earlier, to malicious participants.
Cryptocurrency exchange Liquid, hash power broker NiceHash and digital payment platform Wirex, among other names, have had their DNS records altered by fraudsters.
How the Hackers Gained Access to GoDaddy
Although the details of successful attacks remain unknown, fraudsters tend to rely on voice phishing to mislead their targets.
Voice phishing is a verbal, psychological manipulation scam that aims to steal confidential information or money from an unsuspecting victim. For GoDaddy employees to succumb to their tricks, the person behind the attack was most likely using the copy-piercing technique to target specific employees rather than sending scattered messages.
Liquid claims the malicious actor managed to access his client’s personal information in a blog post on November 18. However, it is unclear whether any of the attacks resulted in financial losses. GoDaddy said it would focus on training its employees to prevent similar incidents in the future.
GoDaddy stated that as threat participants become more sophisticated and aggressive in their attacks, they will continue to train staff on new tactics to use against them. The company will further implement new security measures to prevent future episodes.
The Emergence of Social Engineering
While the largest domain registrar’s reputation may have dealt another big blow, it is not alone in the fight against cybercriminals. The social media giant Twitter was the victim of a social engineering attack that prompted an official Twitter report by Elon Musk, Bill Gates, and other celebrities to promote bitcoin scams in mid-July.
The FBI arrested the Florida teenager who set him up on July 31. Last week, Microsoft also notified users about its Office 365 plans to increase phishing scams.NiceHash was also a victim of a hack.
On November 18, it was noted that some settings at their GoDaddy’s domain registry records had been changed without permission. The situation led to a brief redirection of email and web traffic to the website.
Accordingly, NiceHash froze all of its customers’ funds immediately, for 24 hours to prevent the hackers from stealing funds and verify restoration to their original domain settings. The company advised its customers to change their passwords and enable 2FA security.