HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
For only $7.95 a year, Go-Daddy offers fantastic extras like e-mail forwarding, hosting and now fully compromised websites. Who says you can get more for your money these days? 
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hundreds of Go Daddy-Hosted Sites Compromised
- Thread starter HardOCP News
- Start date
HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
I know, I know...I'm a dick.
TwistedAegis
[H]F Junkie
- Joined
- Oct 7, 2009
- Messages
- 8,958
Accessed with UID and PW? But all at GoDaddy, and it sounds like multiple accounts. So either GoDaddy had a security breach somewhere, which they are denying, or they are the first registrar to catch/admit to this. I find it hard to believe that a keylogger somewhere logged a bunch of people typing in their account info solely for GoDaddy sites.
I agree, even if so, simple security measures such as not allowing SO MANY unsuccessful logins...yeah GoDaddy..I believe you....NOT.
I dislike godaddy but 445 is not really that much.
All of the site owners probably got a phishing email and were dumb enough to input their info and send....
Even that goofy Linus tech tip guy on youtube fell for a phishing scheme a few months back. Lost a bunch of videos and lost his account for a while lol.
http://forums.++++.com/forums/topic.php?id=2378271
All of the site owners probably got a phishing email and were dumb enough to input their info and send....
Even that goofy Linus tech tip guy on youtube fell for a phishing scheme a few months back. Lost a bunch of videos and lost his account for a while lol.
http://forums.++++.com/forums/topic.php?id=2378271
Almost 450 GoDaddy sites, it was definitely a breach of security on GoDaddy's side.
It's hard to believe key loggers or phishing would be targeted exclusively at GoDaddy sites owners.
How would they know that in the first place, unless they've breached GoDaddy's security?
They should investigate how all these site owners are related, is it aliases who start with the same letter, owners in a chronological list, etc. and they will quickly find out it was an internal job or breach.
It's hard to believe key loggers or phishing would be targeted exclusively at GoDaddy sites owners.
How would they know that in the first place, unless they've breached GoDaddy's security?
They should investigate how all these site owners are related, is it aliases who start with the same letter, owners in a chronological list, etc. and they will quickly find out it was an internal job or breach.
westrock2000
[H]F Junkie
- Joined
- Jun 3, 2005
- Messages
- 9,434
They also have the only NASCAR driver I wouldn't be offended seeing "fully compromised"
westrock2000
[H]F Junkie
- Joined
- Jun 3, 2005
- Messages
- 9,434
And by that I mean Danika Patrick, with less clothes.
according a 2009 article godaddy had 6.5 Million customers (http://www.webhostingtalk.com/news/godaddy-web-hosting-domain-registrar-garners-award/). I couldn't quickly find a more recent number, don't know where to look.
So 450 out of 6+ million is probably right for a good phishing scam or keyloggers. Lots of people have enough trouble with that kind of thing with World of Warcraft that they've added support for those security tokens, since so many people have trouble with stolen accounts.
So 450 out of 6+ million is probably right for a good phishing scam or keyloggers. Lots of people have enough trouble with that kind of thing with World of Warcraft that they've added support for those security tokens, since so many people have trouble with stolen accounts.
My money is on a Phishing email sent to hundreds of thousands of addresses harnessed from WHOIS queries and Godaddy is just the first to catch it and admit those users are jackasses but I don't doubt other hosts have found similar things.... 450 out of millions is not enough to have been a database breach.
I am thinking stolen account info via phishing not security breach. I don't have a godaddy account and yet I've gotten about 10 different emails telling me that i need to give them my account info.
So I could see them getting 500 people to give them their account info during one of these attempts.
So I could see them getting 500 people to give them their account info during one of these attempts.
450 customers with keylogger/trojan/responded to phishing mails out of 5-6 millions customers. No problem to believe that. anyone in network security know it is quite possible and if it was security breach, the number would be way more than 450. I work as security analyst for a big ISP and customer who got their emails credential informations stolen is quite enormous... Most of them (about 90%) are infected with keyloggers/trojans, 7% responded to phishing, 3% were using same credential informations on other website that has been breach.
Jabroni31169
My Future Son-in-Law
- Joined
- Apr 19, 2000
- Messages
- 10,336
I LULZ'd