
Ars Technica: GoDaddy weakness let bomb threat scammers hijack thousands of big-name domains

Remember the December 13 email blast that threatened to blow up buildings and schools unless recipients paid a $20,000 ransom? It triggered mass evacuations, closures, and lockdowns in the US, Canada, and elsewhere around the world.

An investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations. The same exploit allowed the scammers to hijack thousands of other domains belonging to a long list of other well-known organizations for use in other malicious email campaigns. Some of those other campaigns likely included ones that threatened to publish embarrassing sex videos unless targets paid ransoms.

Read the story on Ars Technica
 

The take-away from all of this is that for two years GoDaddy’s DNS service has supplied some of the most nefarious scammers on the Internet with an almost unlimited number of high-value domains. While the abuse relied on domain holders not properly locking down their DNS records, Bryant made a compelling argument that it was the DNS providers who are ultimately responsible for the abuse of their services.
 
TL;DR

Spammers / criminals exploited a flaw that lets anyone create DNS records for a domain that uses GoDaddy DNS but doesn't resolve. Maybe the domain was transferred or the DNS subscription expired and DNS wasn't updated.

About 500K domains may be vulnerable. No update if the flaw was fixed or not.
 
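Added example, not part of the thread or the Ars Technica story: a defender-side audit for the condition the TL;DR describes, a domain still delegated to a DNS provider that no longer hosts a zone for it. It assumes you have already sent an apex SOA query to each delegated nameserver and kept the raw replies; the domains, nameserver names and reply bytes below are constructed.

```python
import struct

def make_header(flags: int, answers: int) -> bytes:
    """Build a 12-byte DNS header (constructed test data, not a capture)."""
    return struct.pack("!6H", 0x1234, flags, 1, answers, 0, 0)

def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte header of a DNS message (RFC 1035, 4.1.1)."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    _id, flags, _qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"response": bool(flags & 0x8000),       # QR bit
            "authoritative": bool(flags & 0x0400),  # AA bit
            "rcode": flags & 0x000F,                # 0 NOERROR, 2 SERVFAIL, 5 REFUSED
            "answers": an}

def nameserver_is_lame(soa_reply: bytes) -> bool:
    """True when a delegated server does not actually host the zone.

    A server that hosts the zone answers an apex SOA query with
    NOERROR, the AA bit set and at least one answer record."""
    h = parse_header(soa_reply)
    if not h["response"]:
        raise ValueError("not a DNS response")
    return not (h["authoritative"] and h["rcode"] == 0 and h["answers"] > 0)

def audit(soa_replies: dict) -> list:
    """Map of domain -> {nameserver: raw SOA reply}. Returns the domains
    where every delegated nameserver is lame: the registry still points
    at the DNS provider, but the provider holds no zone for the name."""
    return sorted(d for d, per_ns in soa_replies.items()
                  if per_ns and all(nameserver_is_lame(m) for m in per_ns.values()))

# Constructed sample: hypothetical domains and nameserver names.
OK, REFUSED, SERVFAIL = make_header(0x8400, 1), make_header(0x8005, 0), make_header(0x8002, 0)
SAMPLE = {
    "shop.example":      {"ns1.provider.example": OK,      "ns2.provider.example": OK},
    "old-brand.example": {"ns1.provider.example": REFUSED, "ns2.provider.example": REFUSED},
    "mixed.example":     {"ns1.provider.example": OK,      "ns2.provider.example": SERVFAIL},
}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A name flagged here is at risk rather than confirmed hijacked. Once someone has created a zone for it at the provider, the servers answer authoritatively and this check no longer fires, so the fix is to correct or remove the stale delegation at the registrar.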
So glad I moved everything I had away from GoDaddy. Can't stand them anymore for various reasons
 
So glad I moved everything I had away from GoDaddy. Can't stand them anymore for various reasons

It amazes me how strongly I feel about GoDaddy. The ways in which they levy fees and blatantly engage in false advertising create the image of a very darkly intentioned company.

And it's not just their size, although of course that's what makes them immune to small complaints, or even one of this size ^^^. Plan to move whatever I have with them away at the next opportunity.
 