= DNS/Domain hijacking/Godaddy = <> == 2022 == [[/QuillAudits]] https://twitter.com/CryptoE95991110/status/1527406720070344705?s=20&t=A6ppQUtKiwsgC-o8MkaMrA QuickSwap’s GoDaddy Domain Hijack: How it Happened & Our Proposal to Restore the Community May 19, 2022 by QuickSwap Official https://cryptoexchangenews.net/2022/05/quickswaps-godaddy-domain-hijack-how-it-happened-our-proposal-to-restore-the-community/ https://twitter.com/QuillAudits/status/1526116255757139968?s=20&t=ibneKTbF6IFYVnNueNxzpA GoDaddy (DNSサービス)でも乗取が起きているそうだ。 そうだろう。ドメイン名の権利を確認しているようにも見えないから。 Scammers hijacked GoDaddy domains to apply bomb threat spam and other attacks Updated at March 18, 2021 https://gatefy.com/blog/scammers-hijacked-godaddy-domains-apply-spam/ https://blog.knowbe4.com/scammers-still-exploit-hijacked-godaddy-domains == 2020 == https://twitter.com/briankrebs/status/1330214272111173634?s=20 https://krebsonsecurity.com/2020/11/godaddy-employees-used-in-attacks-on-multiple-cryptocurrency-services/ GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services Central European Time (CET), cyptocurrency mining service NiceHash disccovered that some of the settings for its domain registration records at GoDaddy were changed without authorization In response to questions from KrebsOnSecurity, GoDaddy acknowledged that “a small number” of customer domain names had been modified after a “limited” number of GoDaddy employees fell for a social engineering scam. ---- https://jp.cointelegraph.com/news/liquid-by-quoine-may-have-a-personal-data-breach 仮想通貨取引所Liquid by Quoineで個人情報流出の可能性 https://www.liquid.com/ja/ 11月13日午前5時58分ごろに、同社が利用するドメインホスティングプロバイダーであるGoDaddyのアカウント・ドメインの登録情報が第三者によって変更されたことを確認。外部からシステム・インフラの一部に不正アクセスできるようになった。 11月14日午前1時39分頃に「GoDaddy」により必要な再設定とQuoine側への復旧が確認された。 GoDaddy利用ドメインが乗取られていることをSpamhausが報告している。 ただし、手口の説明はされていない。-- ToshinoriMaeno <> https://twitter.com/SpamhausTech/status/1257658577810046976?s=20 Missed the webinar on Domain Hijacking? Don't worry - watch it at your leisure here. https://hubs.ly/H0q2cZz0 #domainhijacking #CyberSec #PassiveDNS https://www.youtube.com/watch?v=AHlhLx85PRc&feature=youtu.be&utm_content=128329880&utm_medium=social&utm_source=twitter&hss_channel=tw-719587158164692992 The Current State of Domain Hijacking, and a specific look at the ongoing issues at GoDaddy 2020-04-17 12:04:54 UTC | by Spamhaus Team | Category: domains, dbl, domain hijacking, godaddy https://www.spamhaus.org/news/article/797/the-current-state-of-domain-hijacking-and-a-specific-look-at-the-ongoing-issues-at-godaddy {{{ No useful explanation has been provided to them by GoDaddy. }}} ---> What is going on over at GoDaddy? Published on February 12, 2020 https://www.linkedin.com/pulse/what-going-over-godaddy-simon-forster/ {{{ One of our researchers has reported over 5,000 hijacked domains to GoDaddy and there seems to be no end in sight. Another 700 today. }}} [[/GoDaddyの返答]] {{{ Scammers Still Exploit Hijacked GoDaddy Domains }}} https://blog.knowbe4.com/scammers-still-exploit-hijacked-godaddy-domains [[DNS/orphaned_internet]] [[/Krebs]] == 2019 == Beware of "orphan" domains https://arstechnica.com/information-technology/2019/01/godaddy-weakness-let-bomb-threat-scammers-hijack-thousands-of-big-name-domains/ Crooks Continue to Exploit GoDaddy Hole https://krebsonsecurity.com/2019/02/crooks-continue-to-exploit-godaddy-hole/ ---- == 歴史 == GoDaddy Vulnerability Allows Domain Hijacking January 21, 2015Swati Khandelwal https://thehackernews.com/2015/01/godaddy-vulnerability-allows-domain_20.html Cross-Site Request Forgery (CSRF or XSRF) vulnerability ---- GoDaddy takes down 15,000 subdomains used for online scams https://www.zdnet.com/article/godaddy-takes-down-15000-subdomains-used-for-online-scams/ GoDaddy wasn't the party who discovered this massive network of shady domains, but Palo Alto Networks security researcher Jeff White. Scammers hacked into GoDaddy accounts Once they gained access to GoDaddy accounts, the operators of this scam would create a subdomain for the customers' legitimate sites, which they'd later use to host one of the shady product promo pages and lure users with email spam campaigns. アカウントを盗んだという説は怪しい。-- ToshinoriMaeno <> == ヘルプ == https://www.godaddy.com/help/what-is-dns-665 https://jp.godaddy.com/help/dns-20165 おかしな日本語訳?が表示されるので、英語版をみるのがよい。 https://www.godaddy.com/help/dns-20165 https://www.godaddy.com/help/manage-dns-zone-files-680