cyberpeace logo white
DONATE
JOIN US


CyberPeace Foundation is an organization working to create and uphold cyber peace and harmony throughout the globe. It continuously strives towards spreading cyber hygiene and cyber ethics.

The primary initiatives undertaken by us are:
CyberPeace Corps
Cyber Bridge
Charity Bounty
e-Raksha
e-Kawach

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. For more details please visit digitalshakti.org

It has been found that cybercrimes and threats to women online are rising by the day, so that they are the prime targets of some sensitive crimes like revenge pornography and sextortion. Reasons causing this are not only economical, but also social and cultural, that prevent women from using the internet and issues like trolling that pop up when one uses it too often. With the development of a more advanced and digital age , it is of paramount importance to break this gender divide and create awareness among internet users, to help curb the threats and problems associated with the internet and its usage, and also pave a path to reap the benefits of these great technological advancements.

SUPPORT US TODAY! : Fundraising for the local community causes World Help received.

We are here to help you at any time all over the world so don’t hesitate to reach us at any moment.

Get in Touch

Locations

India

USA

Africa

+91 82350 58865
[email protected]

[email protected]

#Incident_report: The GoDaddy Hack

Jun 1, 2022

‘GoDaddy’ has recently made it public that they have identified a cyber-security incident in their systems. In a filing submitted at the SEC, the popular Webhosting service revealed that an unauthorised actor gained access to several kinds of data held by the GoDaddy servers, on 17th November 2020, of several active and inactive users of the Platform.

What exactly has been reported

The company has stated that the malicious actor(s) got hold of the systems through a compromised password and gained access to about 1.2 million Customer email addresses and customer numbers.  They further added that this could add a risk of phishing attacks for these customers. The actor(s) could have also gotten access to the admin controls of people with default or initially provided credentials along with access to the sFTP and Database’s access credentials. The compromise of the sFTP protocol can affect the authenticity and integrity of the data that is being transferred the website to the database or the servers, as it allows the website to vulnerable to a man-in-the-middle attack, where the attacker can access or modify the information sent or received.

They also stated that A subset of the platform’s customer’s SSL private key was also exposed and was in process of issuing and installing new certificates.

Since the investigation is under process, the company hasn’t provided any further details about the incident and has stated that they were contacting the customers directly or have requested the customers to contact GoDaddy at https://www.godaddy.com/help.

Advisory

From what information is available, at the moment, about the incident one can keep the following things in mind to make sure that they don’t get negatively impacted by this incident as GoDaddy is primarily a Business facing platform and a compromise of GoDaddy’s servers could essentially trickle down to a lot of other users as well.

  1. Be careful of the customer service emails from GoDaddy, which most likely a GoDaddy’s existing or past user will receive. Fraudsters might try to employ a phishing tactic in the garb of legitimate timing of an Email due to this compromise.
  2. If your organisation is a sizable operation and uses the services of GoDaddy for their Webhosting, employ the services of an Information security investigator to check if your Database has been maliciously accessed or not.
  3. Based on the results of the investigation one needs to look at the regulatory and legal requirements and compliance standards which they need to follow and act accordingly.
  4. Since GoDaddy has not identified the specific set of customers whose private SSL certificated have been, the active users of GoDaddy, especially the ones who incorporate payment portals or collect personal information from their users and customers, need to check in with GoDaddy’s Customer service if they are in the list of affected parties as they need to act accordingly and might be vulnerable to the man-in the middle attack attacks and can further compromise the data. Users can also consider taking the platform online or shift to other sources until further clarity is available on the incident.

The active and inactive users can contact GoDaddy through their portal at https://www.godaddy.com/help or contact the service representative for India at helpline 040 67607600, to get a clarity on what they need to do.

 

Author – Mr. Hrishikesh Bedi, Consultant, CyberPeace Foundation