toggle

AAPL Stock: 109.27 ( -1.1 )

Printed from http://www.macnn.com

Go Daddy DNS compromised, some site visitors infected

updated 01:48 pm EST, Fri November 23, 2012

Hackers change domain details to infect ransomware

Hackers have altered DNS records of websites hosted by Go Daddy, with the aim of infecting visitors with ransomware. The attackers are adding subdomains to the DNS records, pointing to a malicious IP address under their control, allowing victims to believe they are going to the right website, and for the pages to avoid various security protection mechanisms. This attack comes two months after an alleged attack on the Go Daddy network.

The server being pointed to has what is known as the Cool Exploit Kit, which according to Sophos is malware installation that uses a number of different vulnerabilities, in an effort to infect the visiting computer. Once infected, users are presented with a payment page that displays region-specific content that makes the computer appear as if it's been locked down by local law enforcement. The page uses a webcam that claims to record the user for identification purposes as well as a list of potential offenses that the user is said to have committed, and that if a fine is not paid within a certain timeframe, the computer would be locked down completely.

Affected webmasters are asked by Sophos to check their DNS records as soon as possible, and for visitors infected with the ransomware to consult someone that knows how to remove it from their system. Sophos has also contacted Go Daddy about the issue, and suggested to the company that it allow users to check the times account credentials have been used to access the control panel for a domain.




by MacNN Staff

toggle

Comments

  1. UmarOMC

    Fresh-Faced Recruit

    Joined: 08-09-01

    I wonder if DNSCrypt helps avoid things like this... I have it installed on OS X and my Win7 Bootcamp partition.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...

MSI Geforce GTX 970 100ME

When Nvidia announced a new line of video cards in September 2014, many people thought things would continue to be business as usual i ...

toggle

Most Commented