DNS Records Another Big Target for Hackers

Most of us understand what a phishing attempt is and how to protect yourself. The basics of protecting yourself from a phishing attack is not to open any emails you don’t recognize and specifically, don’t click on suspect links. 

PHISHING TRENDS

Today’s phishing attack happened last week to one of the world’s largest domain name registrars, GoDaddy.com. One of their customer service employees fell victim to a social engineering attack which led to the infiltration of GoDaddy.com’s clients, instead of just GoDaddy itself. 

Image from Escrow.com homepage where hackers left a crude message behind on on Monday, April 6, 2020.

Image from Escrow.com homepage where hackers left a crude message behind on on Monday, April 6, 2020.

The hackers used their infiltration to grab DNS records from one of GoDaddy’s clients, Escrow.com. Escrow.com, an online broker of sorts, was one of five clients that were comprised during this phishing attack. On Monday evening, Escrow.com’s website had its homepage hijacked with a profanity-laced message left by the hackers. Although no systems seemed to be compromised or customer data, the DNS records were redirected to a third-party web server in Malaysia.  

FUTURE TRENDS

The trend is that hackers are targeting more and more companies that are responsible for DNS records. Just last December 2019, another popular domain registrar based in The Netherlands, OpenProvider, was also attacked and, ultimately through a series of complicated acts, thieved another domain e-hawk.net whose service is to help websites detect and block fraud! An Iranian group successfully attacked major companies via DNS-based attacks where they stole countless passwords and VPN credentials leading to the coining of the term DNSpionage. 

 PROTECT YOUR DNS RECORDS

One way to protect your DNS records are to acquire a registrar lock. This service requires the registrar to confirm any requested changes with the domain owner through manual contact. It can help ensure that .com, .net, .tv, .cc and .name domain names do not get hijacked. Shockingly, a miniscule 22 percent of domain names tracked in Forbes’ list of the World’s Largest Public Companies have secured registry locks! Some services include Verisign, Nameshield and others. 


Source

https://krebsonsecurity.com/2020/03/phish-of-godaddy-employee-jeopardized-escrow-com-among-others/?web_view=true

 

 

 

 

Previous
Previous

COVID-19 Relief Check Risk

Next
Next

Free Zoom Backgrounds