GoDaddy Account Hacked (PLEASE HELP)

wow that's crazy sorry to hear that. sorry I can't help. I'm sure someone knows better on here.

I'm surprised they did it that way they did it. most times from what I've read on here. these guys usually do it stealth.

like still allow you access to your email account and simply start transferring or pushing out domains from your account slowly like one by one or cherry picking them.

and when they get the transfer confirmations immediately delete it and all emails about the domain from the inbox forever.

so no record of it.

Please note I think ICANN.org will always have a record you owned your domains.

I'd probably contact them first as registrars are notorious for not helping people out in these situations and say that their "hands are tied".

Good luck buddy!

WhoaDomain.com said:

wow that's crazy sorry to hear that. sorry I can't help. I'm sure someone knows better on here.

I'm surprised they did it that way they did it. most times from what I've read on here. these guys usually do it stealth.

like still allow you access to your email account and simply start transferring or pushing out domains from your account slowly like one by one or cherry picking them.

and when they get the transfer confirmations immediately delete it and all emails about the domain from the inbox forever.

so no record of it.

Please note I think ICANN.org will always have a record you owned your domains.

I'd probably contact them first as registrars are notorious for not helping people out in these situations and say that their "hands are tied".

Good luck buddy!

Click to expand...

Yes I really don't understand the way he acted! why would he alert me adding 2FA Im scared what this guy can do with my domains, he clearly doesn't want to transfer them I check and the status of the domain is still "clientTransferProhibited"

So I don't understand what he wants of me and my domains!

svelandiag said:

Yes I really don't understand the way he acted! why would he alert me adding 2FA Im scared what this guy can do with my domains, he clearly doesn't want to transfer them I check and the status of the domain is still "clientTransferProhibited"

So I don't understand what he wants of me and my domains!

Click to expand...

probably unfamiliar with domain names. just someone who hacked your gmail.

probably he or she is worried stealing your domains could show trail back to him. probably trying to figure out how to do it without getting caught.

sounds like not someone who specifically targetted you to steal your domain. just an email hacker.

Got any enemies? lol

@Paul Nicks, @Joe Styler.

Good luck,

Samer

WhoaDomain.com said:

probably unfamiliar with domain names. just someone who hacked your gmail.

probably he or she is worried stealing your domains could show trail back to him. probably trying to figure out how to do it without getting caught.

sounds like not someone who specifically targetted you to steal your domain. just an email hacker.

Got any enemies? lol

Click to expand...

Maybe he can send massive scam emails with my domain names and ruin my reputation? Well Im just thinking why he would have proceeded this way, so Im glad it seems that I won't lose my domain names! Still don't understand how he get my password...

I sent an email to icann support, asked them how they can help me to protect my domains.

svelandiag said:

Maybe he can send massive scam emails with my domain names and ruin my reputation? Well Im just thinking why he would have proceeded this way, so Im glad it seems that I won't lose my domain names! Still don't understand how he get my password...

Click to expand...

my GF taught me a long time ago.

when it comes to passwords always use a long phase with special characters and capitals and numbers like

!@#$OhCrap$IGotHacked666!@#$%
or
NextTimeSvelandiagUseLongPasswordPhrases

lol

Good luck friend and welcome

svelandiag said:

I sent an email to icann support, asked them how they can help me to protect my domains.

Click to expand...

Best thing you can do right now so there is a record of this with Icann.
From my experience with registrars they are not very helpful.

the mindset is that "you are the idiot who did not properly protect your email address so don't bother us and expect us to do things faster. we'll do this at the slowest speed possible as it is not our fault you used an easy to hack password."

or something like that.

WhoaDomain.com said:

my GF taught me a long time ago.

when it comes to passwords always use a long phase with special characters and capitals and numbers like

!@#$OhCrap$IGotHacked666!@#$%
or
NextTimeSvelandiagUseLongPasswordPhrases

lol

Good luck friend and welcome

Click to expand...

correct my password was not strong, from now I will be more cautious, and paranoic with passwords and security, I hope godaddy deactivates 2FA fast. I think this time my sites are down will hurt my SEO

What other things do you think guys I should do? or check?

It takes up to 5 days to transfers domain names from one registrar to another one.

It is possible to transfers them to another account but can be recovered easily by Godaddy when you provide your proofs.

You have to convice them to block activities on your account untils all this situation is cleared out, this is the first thing to do, after that it is a matter of time to solve this issue.

Good luck !

TheBuyerz said:

It takes up to 5 days to transfers domain names from one registrar to another one.

It is possible to transfers them to another account but can be recovered easily by Godaddy when you provide your proofs.

You have to convice them to block activities on your account untils all this situation is cleared out, this is the first thing to do, after that it is a matter of time to solve this issue.

Good luck !

Click to expand...

I talked with support and they told me they can't block my account... Tbh I think that some of the Godaddy support agenst are very incompetent, I called 4 times and talked with different agents and they told me different answer to my questions... One of them told me that I will receive email with instructions but I never received one...

So far thumbs down for Godaddy support, I just hope they help me asap with this and disable the 2FA so i can recover access to my account.

Im still wondering the way the hacker proceeded, still want to know his intentions, he knows I will recover access eventually, so Im not sure what doe he pretends.

svelandiag said:

I talked with support and they told me they can't block my account... Tbh I think that some of the Godaddy support agenst are very incompetent, I called 4 times and talked with different agents and they told me different answer to my questions... One of them told me that I will receive email with instructions but I never received one...

So far thumbs down for Godaddy support, I just hope they help me asap with this and disable the 2FA so i can recover access to my account.

Im still wondering the way the hacker proceeded, still want to know his intentions, he knows I will recover access eventually, so Im not sure what doe he pretends.

Click to expand...

Perhaps you used the same password of your Godaddy account in online websites and forums that were hacked.

Notice that even Yahoo, Linkedin etc. had their users' emails and passwords leaked, there is online website that purpose to check if your email and password were leaked on online platforms that were already hacked, make a search on Google.

Apparently, you used different password than on your email, since the hacker haven't access to your email address ... he choose to apply a 2FA instead.

Do Godaddy require users to confirm transfers by sending an email link ? or they allow the transfers directly ?

Have you linked your credit card ? or Paypal ? If so, you have to contact your bank to block temporarily your funds, and remove Godaddy agreement from inside your PayPal account.

TheBuyerz said:

Perhaps you used the same password of your Godaddy account in online websites and forums that were hacked.

Notice that even Yahoo, Linkedin etc. had their users' emails and passwords leaked, there is online website that purpose to check if your email and password were leaked on online platforms that were already hacked, make a search on Google.

Apparently, you used different password than on your email, since the hacker haven't access to your email address ... he choose to apply a 2FA instead.

Do Godaddy require users to confirm transfers by sending an email link ? or they allow the transfers directly ?

Have you linked your credit card ? or Paypal ? If so, you have to contact your bank to block temporarily your funds, and remove Godaddy agreement from inside your PayPal account.

Click to expand...

Ho my gosh I didn't know about that, I googled it and found this website! haveibeenpwned indeed my username and password has been leaked, probably this has something to do, however not sure how they knew my godaddy client number and username... Well but at least I can find an explanation...

Also the good thing according to what you guys have told me, the thief doesn't have enough expertise

By the way my domain email is still receiving and sending emails which is weird, since the hacker changed the DNSs of that domain, why it is still operative?

I think I will take security more seriously

Thanks GOD... Godaddy removed 2FA from my account once I received the email I immediately changed passwords and set up 2FA with my phone, now I recovered the access and changed the DNSs to my servers, it seems everything has been solved...

Not sure if the hacker doesn't have experience or he just wanted to warm my SEO, Im not sure what's gonna be the impact on the SERPs after this downtime... almost 24 hours where my website was giving 404 errors for the top ranked landings...

Well, Im lucky the hacker didn't know how to properly proceed, he could have made MUCH more damage, for now, I become paranoic with security...

I am sorry to hear this happened. I just logged onto Namepros today just now. I don't come here every day. Support has to be really careful because they don't know who you are. If you can validate into the account they can help you, but if you do not control the account because you were hacked, they have to be careful that you are not a hacker or social engineer. So on something like this it is usually handled slowly and carefully to make sure that the account is protected. It is easy enough in most cases to unwind things once we determine the rightful owner of the account.

Bottom line I would use 2fa on your accounts as a best practice including your email accounts. I am glad that you got it worked out. For anyone else wondering how to get help in this kind of circumstance going to changeupdate.com is the fastest way to get the correct info to the right team to help. If there is 2fa you also have to email the right info to prove you own the account and get that removed.