GoDaddy appears to have been hit for years by a cyber attack in which source code was captured and malware was placed on servers. This writes the American domain registrar and web host in a statement to stock market regulator SEC.
According to the statement, it was discovered last December that the company had been facing a cyber attack for years. The company detected the breach after customers complained that their websites were being abused for redirecting random domains.
Breach of servers hosting environment
The investigation revealed that cybercriminals accessed GoDaddy’s network over a long period of several years. This was due to a breach of the servers of its cPanel shared hosting environment. The cybercriminals, in addition to stealing source code, installed malware on these servers that then caused customer websites to be redirected.
With the hacking attack, the cybercriminals intend to abuse GoDaddy’s systems to carry out various cyberattacks. These include phishing campaigns, malware distribution and other malicious activities.
Previous attacks
The recent attack on GoDaddy’s servers is not an isolated incident. According to the company, the year-long breach is also the cause of attacks in 2020 and 2021 in which many customers’ login credentials were breached. In 2020, it involved 28,000 customers whose Web hosting login credentials were misused. In 2021, about 1.2 million Managed WordPress customers were affected after the cybercriminals managed to gain access to the WordPress environment of the domenregistrar and web hoster.
Meanwhile, GoDaddy is conducting further investigations into the cyber attack with the help of judicial authorities and forensic experts. The domain registrar and web host also says it has found evidence that the cyber attackers in question have also carried out attacks on other web hosting companies in this manner for years.
Also read: Data of more than million WordPress GoDaddy customers leaked