Skip to main content

GoDaddy falls victim to spear phishing, customer domain settings changed

(Image credit: Image Credit: wk1003mike / Shutterstock)

At least one employee of GoDaddy.com, one of the world's largest domain name registrars, has fallen victim to a spear-phishing attack.

The attacker was able to control of domain settings for half a dozen of its customers, and even deface Escrow.com.

The news was first reported by KrebsOnSecurity, which received confirmations of the incident from both GoDaddy and Escrow.

Reportedly, the hacker successfully spear-phished one employee, with an additional five “potentially” affected. The attacker was able to read notes attached to Escrow's GoDaddy account, as well as change the DNS records for Escrow.com.

For roughly two hours, visitors to Escrow.com were met with this message: “Thanks for the many years, but we finally decide to scam u sh**s. F**K YALL, EMAIL SUPPORT FOR YA REFUNDS! JKJK MALAYSIA DEAD.”

GoDaddy says it has amended all the changes made by the attacker, and confirmed no data was taken.