Printed from http://www.electronista.com

Go Daddy DNS compromised, some site visitors infected

updated 01:48 pm EST, Fri November 23, 2012

Hackers change domain details to infect ransomware

Hackers have altered DNS records of websites hosted by Go Daddy, with the aim of infecting visitors with ransomware. The attackers are adding subdomains to the DNS records, pointing to a malicious IP address under their control, allowing victims to believe they are going to the right website, and for the pages to avoid various security protection mechanisms. This attack comes two months after an alleged attack on the Go Daddy network.

The server being pointed to has what is known as the Cool Exploit Kit, which according to Sophos is malware installation that uses a number of different vulnerabilities, in an effort to infect the visiting computer. Once infected, users are presented with a payment page that displays region-specific content that makes the computer appear as if it's been locked down by local law enforcement. The page uses a webcam that claims to record the user for identification purposes as well as a list of potential offenses that the user is said to have committed, and that if a fine is not paid within a certain timeframe, the computer would be locked down completely.

Affected webmasters are asked by Sophos to check their DNS records as soon as possible, and for visitors infected with the ransomware to consult someone that knows how to remove it from their system. Sophos has also contacted Go Daddy about the issue, and suggested to the company that it allow users to check the times account credentials have been used to access the control panel for a domain.



By Electronista Staff
toggle

Comments

  1. UmarOMC

    Fresh-Faced Recruit

    Joined: 08-09-01

    I wonder if DNSCrypt helps avoid things like this... I have it installed on OS X and my Win7 Bootcamp partition.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a fort ...

Sponsor

toggle

Most Commented

 
toggle

Popular News