24 November 20, 17:27
Quote:A recent social-engineering “vishing” attack on domain registrar GoDaddy temporarily handed over control of cryptocurrency service sites NiceHash and Liquid to fraudsters, exposing personal information of users.
Vishing is a phishing scam that uses voice interactions over the phone to gain trust with victims and fool them into handing over their credentials. Both sites, as well as GoDaddy itself, have since recovered from the compromise.
On Nov. 18, Liquid’s CEO Mike Kayamori announced the breach to its systems.
“On the 13th of November 2020, a domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Kayamori’s statement said. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”
The statement went on to explain Liquid was able to regain control of the domain and confirm that all of its clients’ funds were still accounted for. However, the company said the malicious actor was able to access customer emails, names, addresses and encrypted passwords.
“We are continuing to investigate whether the malicious actor also obtained access to personal documents provided for KYC such as ID, selfie and proof of address, and will provide an update once the investigation has concluded,” Liquid’s statement said.
Source: https://threatpost.com/godaddy-employees...cy/161520/