According to the registrar, the incident took place not due to the detection of vulnerability in DNS management system.
Researchers at antivirus company Sophos found that attackers managed to compromise DNS records of web-sites that are on the hosting company Go Daddy. As a result of the incident, a number of portals on the registrar, redirected their users to malicious resources, which, in turn, contain exploits vulnerabilities.
Operating systems of victims of the attack were infected with malware, hijackers.
When the incident became known to the general public, Go Daddy could not explain exactly how the hackers managed to carry out hacking. However, now a senior registrar Scott Gerlach (Scott Gerlach) said that the reason was the successful hacking phishing attack.
“The Go Daddy recorded a very small number of customer accounts, in which attackers have harmful changes. At the moment, we eliminate these threats as they are discovered. In addition, compromised passwords have been changed – assured Gerlach. – We assume that the victims of the incident was used phishing, or their home computers were infected Cool Exploit ».
The expert also said that it is not due to vulnerabilities in the DNS or the private office of the account holder. In addition, Gerlach advised customers to “pass a two-step authentication.”