Hackers Targeting Godaddy Domain to Server Angler Exploit Kit
Hackers Targetting Godaddy Domain to Server Angler Exploit Kit, GoDaddy accounts compromised to run a campaign based on Angler kit, spread the Angler exploit kit, Domain Shadowing, What is Domain Shadowing, Hacking Godaddy account, infect malicious users
Cisco security expert discovered a new technique dubbed Domain Shadowing consisting in the creation of thousand subdomains used to spread the Angler exploit kit. Hackers hacking legitimate domain name account registered with Godaddy in order to infect visitors with malware, the hackers are using the accounts to create subdomains that direct unaware visitors to websites hosting Angler exploit.
On the blog post Nick Biasini of Cisco System wrote -
With a new technique called "Domain Shadowing", hackers are serving the Angler exploit through the hundreds of sub-domains. Domain shadowing is the process of using users domain registration logins to create subdomains. This is an increasingly effective attack vector since most individuals don’t monitor their domain registrant accounts regularly. These accounts are typically compromised through phishing.”
Hackers are mainly targeting Godaddy domains as Godaddy is one of the most popular domain registrar. Hackers mainly use Phishing Attack technique to hacked the login credentials of the domain accounts.