GoDaddy Employees Tricked Into Changing DNS Settings for Cryptocurrency Domains
Attackers used social engineering to trick employees at domain name registrar GoDaddy into transferring control of several cryptocurrency-related domains. The bad actors managed to gain access to some Liquid.com customer data. NiceHash noticed traffic was being redirected. The company froze customer accounts for 24 hours while it ensured that the domain settings were returned to normal.
Your organisation's domain name is a key asset and should be appropriately protected. Ask your registrar about getting a registry lock or domain lock service for your domain to make unauthorized changes more difficult.
Read more in
KrebsOnSecurity: GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
ZDNet: GoDaddy staff fall prey to social engineering scam in cryptocurrency exchange attack wave
Threatpost: GoDaddy Employees Tricked into Compromising Cryptocurrency Sites
The Register: Crooks social-engineer GoDaddy staff into handing over control of crypto-biz domain names