1. DNS/Domain hijacking/Godaddy
1.1. 2022
https://twitter.com/CryptoE95991110/status/1527406720070344705?s=20&t=A6ppQUtKiwsgC-o8MkaMrA
QuickSwap’s GoDaddy Domain Hijack: How it Happened & Our Proposal to Restore the Community May 19, 2022 by QuickSwap Official https://cryptoexchangenews.net/2022/05/quickswaps-godaddy-domain-hijack-how-it-happened-our-proposal-to-restore-the-community/
https://twitter.com/QuillAudits/status/1526116255757139968?s=20&t=ibneKTbF6IFYVnNueNxzpA
GoDaddy (DNSサービス)でも乗取が起きているそうだ。 そうだろう。ドメイン名の権利を確認しているようにも見えないから。
Scammers hijacked GoDaddy domains to apply bomb threat spam and other attacks Updated at March 18, 2021 https://gatefy.com/blog/scammers-hijacked-godaddy-domains-apply-spam/
https://blog.knowbe4.com/scammers-still-exploit-hijacked-godaddy-domains
1.2. 2020
https://twitter.com/briankrebs/status/1330214272111173634?s=20
GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services
Central European Time (CET), cyptocurrency mining service NiceHash disccovered that some of the settings for its domain registration records at GoDaddy were changed without authorization
In response to questions from KrebsOnSecurity, GoDaddy acknowledged that “a small number” of customer domain names had been modified after a “limited” number of GoDaddy employees fell for a social engineering scam.
https://jp.cointelegraph.com/news/liquid-by-quoine-may-have-a-personal-data-breach
仮想通貨取引所Liquid by Quoineで個人情報流出の可能性 https://www.liquid.com/ja/
11月13日午前5時58分ごろに、同社が利用するドメインホスティングプロバイダーであるGoDaddyのアカウント・ドメインの登録情報が第三者によって変更されたことを確認。外部からシステム・インフラの一部に不正アクセスできるようになった。
11月14日午前1時39分頃に「GoDaddy」により必要な再設定とQuoine側への復旧が確認された。
GoDaddy利用ドメインが乗取られていることをSpamhausが報告している。
ただし、手口の説明はされていない。-- ToshinoriMaeno 2020-05-06 08:57:43
https://twitter.com/SpamhausTech/status/1257658577810046976?s=20
- Missed the webinar on Domain Hijacking? Don't worry - watch it at your leisure here.
https://hubs.ly/H0q2cZz0 #domainhijacking #CyberSec #PassiveDNS
The Current State of Domain Hijacking, and a specific look at the ongoing issues at GoDaddy
2020-04-17 12:04:54 UTC | by Spamhaus Team | Category: domains, dbl, domain hijacking, godaddy
No useful explanation has been provided to them by GoDaddy.
---> What is going on over at GoDaddy? Published on February 12, 2020
https://www.linkedin.com/pulse/what-going-over-godaddy-simon-forster/
One of our researchers has reported over 5,000 hijacked domains to GoDaddy and there seems to be no end in sight. Another 700 today.
Scammers Still Exploit Hijacked GoDaddy Domains
https://blog.knowbe4.com/scammers-still-exploit-hijacked-godaddy-domains
1.3. 2019
Beware of "orphan" domains
Crooks Continue to Exploit GoDaddy Hole https://krebsonsecurity.com/2019/02/crooks-continue-to-exploit-godaddy-hole/
1.4. 歴史
GoDaddy Vulnerability Allows Domain Hijacking January 21, 2015Swati Khandelwal
https://thehackernews.com/2015/01/godaddy-vulnerability-allows-domain_20.html
- Cross-Site Request Forgery (CSRF or XSRF) vulnerability
GoDaddy takes down 15,000 subdomains used for online scams https://www.zdnet.com/article/godaddy-takes-down-15000-subdomains-used-for-online-scams/
GoDaddy wasn't the party who discovered this massive network of shady domains, but Palo Alto Networks security researcher Jeff White.
Scammers hacked into GoDaddy accounts
Once they gained access to GoDaddy accounts, the operators of this scam would create a subdomain for the customers' legitimate sites, which they'd later use to host one of the shady product promo pages and lure users with email spam campaigns.
アカウントを盗んだという説は怪しい。-- ToshinoriMaeno 2019-10-07 00:25:18
1.5. ヘルプ
https://www.godaddy.com/help/what-is-dns-665
https://jp.godaddy.com/help/dns-20165
- おかしな日本語訳?が表示されるので、英語版をみるのがよい。