
Plus: The FBI got (at least a little bit) hacked, an election-disruption firm gets exposed, Russia mulls allowing “patriotic hacking,” and more.
“GoDaddy revealed in a statement on Thursday it had discovered that hackers inside its systems had installed malware on its network and stolen parts of its code. The company says it became aware of the intrusion in December 2022 when customers—the company hasn’t said how many—began reporting that their websites were being mysteriously redirected to other domains. GoDaddy says it’s investigating the breach and working with law enforcement, who have told the company that the hackers’ “apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.”
It gets worse: GoDaddy revealed in an SEC filing that it believes the hackers are the same group that it found inside the company’s networks in March 2020, and which had stolen the login credentials of 28,000 customers and some of GoDaddy’s staff. Then in November 2021, the hackers used a stolen password to compromise 1.2 million customers’ WordPress instances, getting access to email addresses, usernames, passwords, and, in some cases, their websites’ SSL private keys. “Based on our investigation, we believe these incidents are part of a multiyear campaign by a sophisticated threat actor group,” the filing reads.”
Visit Wired.com to read full article.
Bolt Resources understands hackers don’t sleep. But you can. If you lead an organization and need to grow your cybersecurity staff, our Cybersecurity Recruiters in Dallas, TX will go to work on your behalf to recruit skilled cybersecurity talent who can secure and protect your organization’s critical infrastructure. Contact Us Today to learn more.