The Liquid exchange and NiceHash mining are among those affected by a scam that ended with GoDaddy employees giving their passwords over to the malicious actors. GoDaddy is one of the most popular services to register .com's and other popular domain name extensions.
Liquid's CEO Mike Kayamori says they used those employees access to partially breach the site's infrastructure, change their DNS records, and take possession of several internal email accounts. They also believe they downloaded copies of several 'important documents'.
The company recommended that its users change passwords and take additional security measures to prevent leakage of their data . He added that he had controlled the attack before hackers had access to his clients' accounts and assets.
The staff at Liquid noticed this on November 15th, just 4 days later the crypto mining service NiceHash also reported it was the victim of a security breach.
The company said that after detecting unauthorized changes to the configuration of its web domain registered with GoDaddy, it decided to freeze all client funds for 24 hours, a move that seems to have worked in protecting all funds.
Additional Companies Involved May Be Staying Silent...
No company in the crypto space wants their name connected to any type of security breach, and cyber security expert Brian Krebs's report shows there may be more crypto companies with GoDaddy domains, showing the same altered information as the confirmed victims.
This includes Bibox, Celsius, and Wirex - none have announced any issues, and none are responding to requests for comments.
GoDaddy spokesperson Dan Race says that the company identified the unauthorized changes to its customers' domains, and immediately blocked the accounts and reversed the changes.
-------
Author:
Asia News Desk