On December 2022, GoDaddy, a web hosting company, started receiving reports from customers regarding intermittent website redirection.
Upon investigation, the company found that an unauthorized third party had gained access to their cPanel shared hosting servers and installed malware causing the issue.
GoDaddy worked to remediate the situation and implemented additional security measures to prevent future infections.
The incident has been reported to multiple law enforcement agencies around the world, and forensics experts are working to investigate the issue further.
Evidence suggests that the attack was carried out by a sophisticated and organized group targeting hosting services like GoDaddy. The goal of the attack was to infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.
GoDaddy is actively monitoring the behavior of the criminal organization and blocking attempts from them while collecting evidence and information to help law enforcement. They have shared this information in their 10-K filing.
The company has apologized for any inconvenience the incident may have caused to customers or visitors to their websites. They are also using lessons from the incident to enhance the security of their systems and further protect their customers and their data.
This incident serves as a reminder of the importance of maintaining strong cybersecurity practices, especially for businesses that handle sensitive customer information.
GoDaddy’s response to the attack shows the importance of promptly addressing security breaches and working with law enforcement agencies to identify the perpetrators. It also highlights the need for continued vigilance in the face of increasingly sophisticated cyber threats.