An unknown threat actor has been sitting in GoDaddy’s systems for years, installing malware, stealing source code, and attacking the company’s customers, the web hosting giant confirmed in an SEC filing late last week.
Per the filing (opens in new tab) (via BleepingComputer (opens in new tab)), the attackers breached GoDaddy’s cPanel shared hosting environment and used that as a launch pad for further attacks. The company described the hackers as a “sophisticated threat actor group”.
The group was eventually spotted when customers started reporting, late in 2022, that the traffic coming to their websites was being redirected elsewhere.
Links to previous incidents
Now, GoDaddy believes that the data breaches that were reported in March 2020 and November 2021 were all…
Source link