GoDaddy: Hacker group installed malware on hosting servers that redirected sites

Web hoster GoDaddy says a hacker group accessed GoDaddy’s hosting servers in December last year and installed malware on them. That malware caused some customer sites to redirect to malicious sites. The hacker group had been attacking GoDaddy for years.

The group gained access to GoDaddy’s cPanel environment and installed malware on it, causing sites to randomly and irregularly redirect visitors to other sites. It’s not clear how big this problem was, but the web host says it has received ‘a small number’ of complaints about this. The malware was probably part of a phishing campaign ‘and other malicious activities’.

GoDaddy says it has now resolved the problem and is in contact with police authorities and experts. The company says based on research now believe the attack was carried out by a group that has been attacking GoDaddy for years. In one of those attacks, the group ‘sharing’ allegedly stole source code. This group is allegedly behind the 2019 data breach of 28,000 accounts and the subsequent theft of customer data and admin passwords from up to 1.2 million users in 2021. GoDaddy does not name the group, but does say that it would also attack other web hosts.

Share