AAPL Stock: 118.03 ( -0.85 )

Printed from

Go Daddy DNS compromised, some site visitors infected

updated 01:48 pm EST, Fri November 23, 2012

Hackers change domain details to infect ransomware

Hackers have altered DNS records of websites hosted by Go Daddy, with the aim of infecting visitors with ransomware. The attackers are adding subdomains to the DNS records, pointing to a malicious IP address under their control, allowing victims to believe they are going to the right website, and for the pages to avoid various security protection mechanisms. This attack comes two months after an alleged attack on the Go Daddy network.

The server being pointed to has what is known as the Cool Exploit Kit, which according to Sophos is malware installation that uses a number of different vulnerabilities, in an effort to infect the visiting computer. Once infected, users are presented with a payment page that displays region-specific content that makes the computer appear as if it's been locked down by local law enforcement. The page uses a webcam that claims to record the user for identification purposes as well as a list of potential offenses that the user is said to have committed, and that if a fine is not paid within a certain timeframe, the computer would be locked down completely.

Affected webmasters are asked by Sophos to check their DNS records as soon as possible, and for visitors infected with the ransomware to consult someone that knows how to remove it from their system. Sophos has also contacted Go Daddy about the issue, and suggested to the company that it allow users to check the times account credentials have been used to access the control panel for a domain.

by MacNN Staff



  1. UmarOMC

    Fresh-Faced Recruit

    Joined: 08-09-01

    I wonder if DNSCrypt helps avoid things like this... I have it installed on OS X and my Win7 Bootcamp partition.

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented